add.php in MyBlog 0.9.8 and earlier allows remote attackers to bypass authentication and gain administrative access by setting a cookie with admin=yes and login=admin.
References
Configurations
Information
Published : 2008-09-30 10:22
Updated : 2017-09-28 18:32
NVD link : CVE-2008-4341
Mitre link : CVE-2008-4341
JSON object : View
CWE
CWE-264
Permissions, Privileges, and Access Controls
Products Affected
myblog
- myblog