[] NeoSense
E X P L O I T S
title author type platform port cve id

Py-Membres 3.1 - 'index.php' Unauthorized Access

Author: frog
type: webapps
platform: php
port: 
date_added: 2002-10-02 
date_updated: 2012-10-11 
verified: 1 
codes: CVE-2002-1884;OSVDB-59606 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/5849/info

A vulnerability has been reported for Py-Membres 3.1 that allows remote attackers to obtain administrative privileges on vulnerable installations.

Reportedly, Py-Membres does not fully check some URI parameters. Thus it is possible for an attacker to manipulate URI parameters and log into the system as an arbitrary user without the need for passwords.

http://[target]/index.php?pymembs=admin
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.