CVE-2006-1213
CVE-2006-1213
JiRo's Banner System Experience and Professional 1.0 and earlier allows remote attackers to bypass access restrictions and gain privileges via a direct request to certain scripts in the files directory, as demonstrated by using addadmin.asp to create a new administrator account.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/1571unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://archives.neohapsis.com/archives/fulldisclosure/2006-03/0211.htmlhttp://secunia.com/advisories/19184https://exchange.xforce.ibmcloud.com/vulnerabilities/25169http://www.nukedx.com/?viewdoc=19http://www.osvdb.org/23780http://www.securityfocus.com/archive/1/427326/100/0/threadedhttp://www.securityfocus.com/bid/17060http://www.vupen.com/english/advisories/2006/0911