InoutMailingListManager 3.1 and earlier sends a Location redirect header but does not exit after an authorization check fails, which allows remote attackers to access certain restricted functionality, and upload and execute arbitrary PHP code, by ignoring the redirect.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-04-12T19:00:00

Updated: 2024-08-07T13:13:42.017Z

Reserved: 2007-04-12T00:00:00

Link: CVE-2007-2003

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2007-04-12T19:19:00.000

Modified: 2024-11-21T00:29:40.063

Link: CVE-2007-2003

cve-icon Redhat

No data.