CVE-2008-7156 Information

Description

EkinBoard 1.1.0 and earlier when register_globals is enabled allows remote attackers to bypass authorization and gain administrator privileges by setting the _groups[] parameter to 2 as demonstrated via backup.php.

Reference

http://www.securityfocus.com/bid/27166 https://exchange.xforce.ibmcloud.com/vulnerabilities/39512 https://www.exploit-db.com/exploits/4859