CVE-2007-0806 Information

Description

Les News 2.2 allows remote attackers to bypass authentication and gain administrative access via a direct request for adminews/index_fr.php3 and possibly the adminews index documents for other localizations.

Reference

http://forums.avenir-geopolitique.net/viewtopic.php?t=2622 http://osvdb.org/33686 http://securityreason.com/securityalert/2226 http://www.securityfocus.com/archive/1/459186/100/0/threaded