Internet Photoshow - 'login_admin' Parameter Unauthorized Access Vulnerability

2008-05-14
ID: 53361
CVE: None
Download vulnerable application: None
source: http://www.securityfocus.com/bid/29227/info

Internet Photoshow is prone to a vulnerability that can result in unauthorized database access.

Attackers can exploit this issue to gain administrative access to the application.

Internet Photoshow Special Edition is vulnerable; other editions may also be affected.

The following example code is available:

javascript:document.cookie = "login_admin=true; path=/";
1-4-2 (www01)