CVE-2009-3422 Information

Description

login.php in Zenas PaoLiber 1.1 when register_globals is enabled allows remote attackers to bypass authentication and gain administrative access by setting the login_ok parameter to 1.

Reference

http://secunia.com/advisories/36023 http://www.exploit-db.com/exploits/9294 http://www.osvdb.org/56758