PT-2008-1983 · Unknown · Evilsentinel

Blackhawk

Published

2008-01-17

Updated

2017-09-29

CVE-2008-0350

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Evilsentinel versions 1.0.9 and earlier

Description The issue allows remote attackers to gain administrative privileges and make arbitrary configuration changes due to a problem in the admin/index.php file, which sends a redirect to the web browser but does not exit.

Recommendations For versions 1.0.9 and earlier, update to a version that fixes this issue to prevent administrative privilege escalation and arbitrary configuration changes.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2008-0350

Affected Products

Evilsentinel

PT-2008-1983 · Unknown · Evilsentinel

CVE-2008-0350

Weakness Enumeration

Related Identifiers

Affected Products

References · 5