CVE-2008-5857 Information

Description

The DropDocuments plugin in KnowledgeTree before 3.5.4a allows remote authenticated users to gain administrative privileges via a certain sequence of \browse documents\ and dashboard requests.

Reference

http://issues.knowledgetree.com/browse/KTS-3921 http://secunia.com/advisories/33277 http://wiki.knowledgetree.com/Version_3.5.4aSecurity http://www.securityfocus.com/bid/32920 https://exchange.xforce.ibmcloud.com/vulnerabilities/47530