PT-2008-5466 · Unknown · Easy Photo Gallery

Stack

Published

2008-09-22

Updated

2017-09-29

CVE-2008-4167

CVSS v2.0

6.4

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions Easy Photo Gallery version 2.1

Description The issue concerns a lack of administrative authentication in the useradmin.php file, allowing remote attackers to add or remove an Administrator account.

Recommendations For Easy Photo Gallery version 2.1, consider restricting access to the useradmin.php file until a patch is available, and ensure that proper authentication mechanisms are implemented to prevent unauthorized modifications to Administrator accounts.

Exploit

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2008-4167

Affected Products

Easy Photo Gallery

PT-2008-5466 · Unknown · Easy Photo Gallery

CVE-2008-4167

Weakness Enumeration

Related Identifiers

Affected Products

References · 6