The Admin Access With Levels plugin in osCommerce 1.5.1 allows remote attackers to access files in the admin/ directory by modifying the in_login parameter to a non-zero value.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Oscommerce | Oscommerce | 1.5.1 (including) | 1.5.1 (including) |