• info
• discussion
• exploit
• solution
• references

Ultimate PHP Board Unauthorized Administrative Access Vulnerability

There is no exploit required. The attacker must be an authenticated user of the web forum to access the following administrative scripts:

admin_members.php, admin_config.php, admin_cat.php, admin_forum.php