[原文]settings.php in Reamday Enterprises Magic Downloads 1.1.3, when register_globals is enabled, allows remote attackers to modify program behavior, potentially bypassing authentication controls, via modified (1) action, (2) passwd, (3) admin_password, (4) new_passwd, and (5) confirm_passwd variables, which are not initialized.
Multiple Reamday Enterprises products are prone to multiple vulnerabilities regarding the overwriting of application variables. These issues are due to a failure in the applications to properly initialize various application variables.
An attacker can exploit these issues to overwrite various application variables with attacker-supplied data. Successful exploitation may result in the attacker gaining administrative access to the vulnerable application.
An exploit is not required.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: email@example.com