PT-2008-6834 · V3 · V3 Chat
Mountassif Moad
·
Publicado
2008-12-31
·
Atualizado
2024-02-08
·
CVE-2008-5784
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
V3 Chat - Profiles/Dating Script version 3.0.2
Description
The issue allows remote attackers to bypass authentication and gain administrative access by setting the
admin cookie to 1.Recommendations
For version 3.0.2, as a temporary workaround, consider restricting access to administrative functions until a patch is available. Avoid using the
admin cookie to authenticate users until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
V3 Chat