CVE-2009-2040

CVE-2009-2040 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

admin/options.php in Grestul 1.2 does not properly restrict access, which allows remote attackers to bypass authentication and create administrative accounts via a manage_admin action in a direct request.

Learn more about our Web Application Penetration Testing UK.