CVE-2005-2819 Information

Description

DownFile 1.3 allows remote attackers to gain administrator privileges via a direct request to (1) update.php (2) del.php and (3) add_form.php.

Reference

http://secunia.com/advisories/16630 http://securitytracker.com/id?1014827 http://www.securityfocus.com/bid/14714 http://www.vupen.com/english/advisories/2005/1601