icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

popper_mod < 1.2.3 Administration Authentication Bypass

High

Synopsis

It is possible to administrate the remote popper_mod CGI by requesting the /admin directory directly.

Description

It is possible to administrate the remote popper_mod CGI by requesting the /admin directory directly. An attacker may use this vulnerability to obtain user passwords.

Solution

Upgrade to version 1.2.3 or higher.