The documentation for AJ-Fork 167 implies that users should set permissions for users.db.php to 777, which allows local users to execute arbitrary PHP code and gain privileges as the administrator.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Aj-fork | Aj-fork | 167 | 167 |
Cutenews | Cutephp | 1.3.6 | 1.3.6 |
Cutenews | Cutephp | 1.3.2 | 1.3.2 |
Cutenews | Cutephp | 0.88 | 0.88 |
Cutenews | Cutephp | 1.3 | 1.3 |
Cutenews | Cutephp | 1.3.1 | 1.3.1 |