Full title: Eibiz i-Media Server Digital Signage 3.8.0 Remote Privilege Escalation / Account Takeover Exploit 
Category: web applications
Platform: hardware
Eibiz i-Media Server Digital Signage version 3.8.0 suffers from an unauthenticated remote privilege escalation and account takeover vulnerability that can be triggered by directly calling the updateUser object (part of ActionScript object graphs), effectively elevating to an administrative role or taking over an existing account by modifying the settings.

# 0day.today @ http://0day.today/