XGB 2.0 - Authentication Bypass

Author: Albania Security Clan
type: webapps
platform: php
port: 
date_added: 2005-02-08 
date_updated: 2013-04-30 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/12489/info

xGB is reportedly affected by a vulnerability that could permit unauthorized administrator access. This issue is due to the application failing to properly verify user credentials.

A malicious user could exploit this vulnerability to bypass user authentication and gain administrative access.

This vulnerability is reported to affect xGB version 2.0; earlier versions may also be vulnerable.

http://www.example.com/xGB.php?act=admin&do=edit