admin_news.php in Archilles Newsworld up to 1.3.0 allows attackers to bypass authentication by obtaining the password hash for another user, for example through another Newsworld vulnerability, and specifying the hash in the pwd argument.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2005-11-02T11:00:00
Updated: 2024-08-07T23:10:08.475Z
Reserved: 2005-11-02T00:00:00
Link: CVE-2005-3435
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2005-11-02T11:02:00.000
Modified: 2024-02-09T03:13:36.147
Link: CVE-2005-3435
Redhat
No data.