Description
MongoDB 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allows remote authenticated users to obtain internal system privileges by leveraging a username of __system in an arbitrary database.
Remediation
References
Related Vulnerabilities
MySQL Other Vulnerability (CVE-2004-0835)
PHP Improper Input Validation Vulnerability (CVE-2006-6383)
WordPress Plugin Images Slideshow by 2J-Image Slider Unspecified Vulnerability (1.2.15)
Apache HTTP Server Other Vulnerability (CVE-2002-1593)
Piwigo Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-10679)