Stanford university SCARF user editing
- From: navairum@xxxxxxxxx
- Date: 4 Nov 2006 20:25:41 -0000
vendor:Someone at Stanford university
site:http://sourceforge.net/projects/scarf/
vuln:
There is no admin check on the file generaloptions.php So anyone can go in and make some changes. One thing to do would be create a user, then go into general options and change your user to an admin. You can also change the background, title, and css page through this file.
-navairum
- Prev by Date: Article Script v1.*and v1.6.3 Sql injection
- Next by Date: PHP Rapid Kill All Version File Injection
- Previous by thread: Article Script v1.*and v1.6.3 Sql injection
- Next by thread: PHP Rapid Kill All Version File Injection
- Index(es):
