PluggedOut CMS User Authentication Bypass Vulnerability

  • Published: 31 Jul 2008

PluggedOut CMS User Authentication Bypass Vulnerability

CVE-2008-1899

Share

Type

  • PluggedOut CMS – User Authentication Bypass Vulnerability

Severity

  • High

Affected products

  • PluggedOut CMS

Date

  • 2008-07-31

CVE Reference

  • CVE-2008-1899

Read more

The PluggedOut Content Management System allows user’s to manage the content of their website through a web based administration portal. The administration is performed through a PHP script and allows authenticated users to manage the website and upload new PHP content. Using this vulnerability an attacker could gain access to the CMS system and would be able to upload new PHP content.