GoAdmin CE Page Restriction Access Vulnerability
GoAdmin CE Page Restriction Access Vulnerability
GoAdmin CE Page Restriction Access Vulnerability
Accessing the URL https://your_ip/index.php/go_carriers_ce/go_get_carrier/view/CARRIERNAME and https://your_ip/login/index.php/go_carriers_ce/go_get_carrier/view/CARRIERNAME, the result will have full access on the page.
To fix this, you need to update your server via github, be sure to backup your configurations and files before updating. http://goautodial.org/projects/goautodialce/wiki/GIThub
We also acknowledged the help of Edwin Brasseur for letting us know this said page restriction access vulnerability.
Affected versions:
3.0 to 3.3
Go to top
Comments