fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 and earlier allows remote attackers to bypass authentication, and read arbitrary files, modify arbitrary files, and list arbitrary directories, by inserting certain user and isadmin parameters in the query string.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2008-09-29T18:00:00
Updated: 2017-09-28T12:57:01
Reserved: 2008-09-29T00:00:00
Link: CVE-2008-4319
JSON object: View
NVD Information
Status : Modified
Published: 2008-09-29T19:25:35.760
Modified: 2017-09-29T01:32:06.257
Link: CVE-2008-4319
JSON object: View
Redhat Information
No data.
CWE