CVE-2005-1787 Information

Description

setup.php in phpStat 1.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the $check variable.

Reference

http://marc.info/?l=bugtraq&m=111721290726958&w=2 http://secunia.com/advisories/15516 http://securitytracker.com/id?1014064 http://www.soulblack.com.ar/repo/papers/advisory/PhpStat_advisory.txt http://www.soulblack.com.ar/repo/tools/sbphpstatpoc.txt