Exploit SiteCubed MailWorks Professional - Authentication Bypass

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
24565
Проверка EDB
  1. Пройдено
Автор
PAUL CRAIG
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2004-1661
Дата публикации
2004-09-02
SiteCubed MailWorks Professional - Authentication Bypass
Код:
source: https://www.securityfocus.com/bid/11095/info

MailWorks Professional is reported prone to an authentication bypass vulnerability.

The application uses cookies to store variables that determine the status of the authentication process. An attacker browsing the web application using specially crafted cookie data is able to bypass the authentication process to access the site as an administrative user.

This vulnerability allows a remote attacker to gain administrative access to the affected application.

Cookie: auth=1; uId=1
 
Источник
www.exploit-db.com

Похожие темы