Zakkis Technology ABC Advertise 1.0 does not properly restrict access to admin.inc.php, which allows remote attackers to obtain the administrator login name and password via a direct request.Referenceshttps://www.exploit-db.com/exploits/8555https://exchange.xforce.ibmcloud.com/vulnerabilities/50183
