Alstrasoft » Live Support : Security Vulnerabilities, CVEs,
AlstraSoft Live Support 1.21 sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to obtain administrative access via a direct request to admin/managesettings.php.
Max CVSS
10.0
EPSS Score
10.85%
Published
2007-05-21
Updated
2017-10-11
1 vulnerabilities found