CVE-2009-2025

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.vupen.com/english/advisories/2009/1532", "name": "ADV-2009-1532", "tags": ["Vendor Advisory"], "refsource": "VUPEN"}, {"url": "http://secunia.com/advisories/35167", "name": "35167", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "https://www.exploit-db.com/exploits/8903", "name": "8903", "tags": [], "refsource": "EXPLOIT-DB"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "admin/login.php in DM FileManager 3.9.2 allows remote attackers to bypass authentication and gain administrative access by setting the (1) USER, (2) GROUPID, (3) GROUP, and (4) USERID cookies to certain values."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-264"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2009-2025", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2009-06-09T19:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:dutchmonkey:dm_filemanager:3.9.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-09-29T01:34Z"}