CVE-2008-2349

Name of the Vulnerable Software and Affected Versions: Zomplog versions 3.8.2 and earlier

Description: The issue allows remote attackers to gain administrative access by creating an admin account via a direct request to "install/newuser.php" with the admin parameter set to 1.

Recommendations: For Zomplog versions 3.8.2 and earlier, consider restricting access to the "install/newuser.php" endpoint until a fix is available. As a temporary workaround, avoid using the admin parameter in this endpoint to minimize the risk of exploitation.