login.php in phpWishlist before 0.1.15 allows remote attackers to bypass authentication via a direct request to admin.php.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phpwishlist | phpwishlist | 0.1.11 |
| phpwishlist | phpwishlist | 0.1.12 |
| phpwishlist | phpwishlist | 0.1.9 |
| phpwishlist | phpwishlist | 0.1.10 |
| phpwishlist | phpwishlist | 0.1.13 |
| phpwishlist | phpwishlist | 0.1.14 |