VULHUB ™

Elite News has been reported prone to an administrative authentication bypass vulnerability. The issue reportedly presents itself due to a combination of factors; a remote attacker may extract the administrator username by viewing an Elite News script. This username may then be applied in the login page, without requiring a password to authenticate. The attacker may then access other Elite News scripts directly and take actions as the Elite News administrator.

Elite News has been reported prone to an administrative authentication bypass vulnerability. The issue reportedly presents itself due to a combination of factors; a remote attacker may extract the administrator username by viewing an Elite News script. This username may then be applied in the login page, without requiring a password to authenticate. The attacker may then access other Elite News scripts directly and take actions as the Elite News administrator.