PT-2010-2899 · Sahana · Sap Hana

Published: 2010-03-31 · Updated: 2018-10-10 · CVE-2010-1191

CVSS v2.0: 6.4 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Sahana disaster management system version 0.6.2.2

Description

The issue allows remote attackers to bypass intended access restrictions and disable administrator authentication. This can be achieved via a direct request to "stream.php" in an "acl enable acl" action to the admin module.

Recommendations

For version 0.6.2.2, consider restricting access to the "stream.php" file in the admin module to prevent unauthorized requests, and review the authentication mechanism to ensure it cannot be disabled by unauthorized users. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authentication

Weakness Enumeration

Related Identifiers

CVE-2010-1191

Affected Products

Sap Hana