cpe:/a:adultscript:adultscript:1.6 CVE-2007-6414 2007-12-17T18:46:00.000-05:00 2017-09-28T21:29:55.597-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-12-17T19:09:00.000-05:00 ALLOWS_USER_ACCESS BID 26870 SECUNIA 28064 EXPLOIT-DB 4731 XF adultscript-administrator-security-bypass(39034) admin/administrator.php in Adult Script 1.6 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to bypass authentication and obtain administrative credentials via a direct request. NOTE: this can be leveraged for arbitrary code execution through a request to admin/videolinks_view.php.