Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:14944
HistoryNov 06, 2006 - 12:00 a.m.

Stanford university SCARF user editing

2006-11-0600:00:00
vulners.com
25

vendor:Someone at Stanford university
site:http://sourceforge.net/projects/scarf/

vuln:
There is no admin check on the file generaloptions.php So anyone can go in and make some changes. One thing to do would be create a user, then go into general options and change your user to an admin. You can also change the background, title, and css page through this file.
-navairum