useradmin.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 does not require administrative authentication, which allows remote attackers to (1) add or (2) remove an Administrator account.
References
Configurations
History
No history.
Information
Published : 2008-09-22 18:34
Updated : 2024-02-28 11:21
NVD link : CVE-2008-4167
Mitre link : CVE-2008-4167
CVE.ORG link : CVE-2008-4167
JSON object : View
Products Affected
ezphotogallery
- ezphotogallery
CWE
CWE-287
Improper Authentication