PluggedOut CMS User Authentication Bypass Vulnerability

CVE-2008-1899

    Type

  • PluggedOut CMS – User Authentication Bypass Vulnerability
  • Severity

  • High
  • Affected products

  • PluggedOut CMS
  • Date

  • 2008-07-31
  • CVE Reference

  • CVE-2008-1899

The PluggedOut Content Management System allows user’s to manage the content of their website through a web based administration portal. The administration is performed through a PHP script and allows authenticated users to manage the website and upload new PHP content. Using this vulnerability an attacker could gain access to the CMS system and would be able to upload new PHP content.