CVE-2007-2822

CVE-2007-2822 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

TutorialCMS 1.01 and earlier, when register_globals is enabled, allows remote attackers to bypass authentication via the (1) loggedIn and (2) activated parameters to (a) login.php, (b) headerLinks.php, (c) submit1.php, (d) myFav.php, and (e) userCP.php.

Learn more about our Cms Pen Testing.