MidnightBSD

Advisories for sahanafoundation

CVE-2010-1191 MEDIUM

Sahana disaster management system 0.6.2.2, and possibly other versions, allows remote attackers to bypass intended access restrictions and disable administrator authentication via a direct request to stream.php in an acl_enable_acl action to the admin module.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
sahanafoundation sahana 0.6.2.2