icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Siteman < 1.1.11 Page User Database Privilege Escalation

Medium

Synopsis

The remote host is vulnerable to a flaw that allows for the bypassing of authentication.

Description

The remote host is running Siteman, a web-based content management system written in PHP. The remote version of this software is vulnerable to a privilege escalation vulnerability. An attacker with a valid username and password may escalate privileges by making a specially crafted request to the remote server.

Solution

Upgrade to SiteMan 1.1.11 or higher.