CVE-2009-1652 Information

Description

admin/adminaddeditdetails.php in Business Community Script does not properly restrict access which allows remote attackers to gain privileges and add administrators via a direct request.

Reference

http://osvdb.org/54493 http://secunia.com/advisories/35071 http://www.securityfocus.com/bid/34976 https://www.exploit-db.com/exploits/8689