Description
The Admin Access With Levels plugin in osCommerce 1.5.1 allows remote attackers to access files in the "admin/" directory by modifying the in_login parameter to a non-zero value.
Remediation
References
Related Vulnerabilities
Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.7)
MySQL CVE-2012-1688 Vulnerability (CVE-2012-1688)
Oracle Application Server Other Vulnerability (CVE-2005-3448)
WordPress Plugin WordPress Download Manager Cross-Site Scripting (2.7.94)
WordPress Plugin Xorbin Digital Flash Clock Cross-Site Scripting (1.0)