• info
• discussion
• exploit
• solution
• references

Extreme CMS Options.PHP Authentication Bypass Vulnerability

Extreme CMS is prone to an authentication-bypass vulnerability because it fails to authenticate users before providing access to sensitive information.

Exploiting this issue could allow an attacker to change the passwords of legitimate users to gain elevated privileges. A successful exploit could prevent legitimate users from accessing the application and may result in the compromise of the application.

Extreme CMS 0.9 is reported vulnerable to this issue; other versions may be affected as well.