InoutMailingListManager 3.1 and earlier sends a Location redirect header but does not exit after an authorization check fails, which allows remote attackers to access certain restricted functionality, and upload and execute arbitrary PHP code, by ignoring the redirect.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published: 2007-04-12T19:00:00
Updated: 2024-08-07T13:13:42.017Z
Reserved: 2007-04-12T00:00:00
Link: CVE-2007-2003

No data.

Status : Modified
Published: 2007-04-12T19:19:00.000
Modified: 2024-11-21T00:29:40.063
Link: CVE-2007-2003

No data.