CVE-2016-9482

Name of the Vulnerable Software and Affected Versions PHP FormMail Generator (affected versions not specified)

Description The issue allows a remote unauthenticated user to bypass authentication and access the administrator panel. This can be achieved by navigating directly to the "/admin.php?mod=admin&func=panel" API endpoint.

Recommendations As a temporary workaround, consider disabling access to the /admin.php API endpoint until a patch is available. Restrict access to the administrator panel to minimize the risk of exploitation. Avoid using the mod and func parameters in the affected API endpoint until the issue is resolved.