CVE-2007-5835

Name of the Vulnerable Software and Affected Versions BosNews versions 4 and 5

Description The issue allows remote attackers to cause a denial of service by overwriting files and possibly obtain administrative access due to the lack of authentication in the Install.php file. This can be exploited to replace an existing product installation or create a new admin account.

Recommendations For BosNews versions 4 and 5, consider implementing proper authentication mechanisms for the Install.php file to prevent unauthorized access and modifications. As a temporary workaround, restrict access to the Install.php file to minimize the risk of exploitation.