OTManager CMS 2.4 allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMIN_Hora, ADMIN_Logado, and ADMIN_Nome cookies to certain values, as reachable in Admin/index.php.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/29999 | Exploit |
https://www.exploit-db.com/exploits/5959 |
Configurations
Information
Published : 2009-09-08 03:30
Updated : 2017-09-28 18:33
NVD link : CVE-2008-7179
Mitre link : CVE-2008-7179
JSON object : View
CWE
CWE-287
Improper Authentication
Products Affected
otmanager
- otmanager_cms