PluggedOut CMS User Authentication Bypass Vulnerability

Product PluggedOut CMS
Severity High
CVE Reference CVE-2008-1899
Type PluggedOut CMS – User Authentication Bypass Vulnerability

The PluggedOut Content Management System allows user’s to manage the content of their website through a web based administration portal. The administration is performed through a PHP script and allows authenticated users to manage the website and upload new PHP content. Using this vulnerability an attacker could gain access to the CMS system and would be able to upload new PHP content.