CVE-2007-2822
CVE-2007-2822 · HIGH Severity
AV:N/AC:M/AU:N/C:C/I:C/A:C
TutorialCMS 1.01 and earlier, when register_globals is enabled, allows remote attackers to bypass authentication via the (1) loggedIn and (2) activated parameters to (a) login.php, (b) headerLinks.php, (c) submit1.php, (d) myFav.php, and (e) userCP.php.
Learn more about our Cms Pen Testing.