PT-2009-1357 · Gobbl · Gobbl Cms
X0R
·
Publicado
2009-01-08
·
Atualizado
2017-09-29
·
CVE-2008-5880
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Gobbl CMS version 1.0
Description
The issue allows remote attackers to bypass authentication and gain administrative access. This is achieved by setting the
auth cookie to "ok".Recommendations
For Gobbl CMS version 1.0, consider implementing proper authentication mechanisms to prevent unauthorized access. As a temporary workaround, restrict access to admin/auth.php to minimize the risk of exploitation.
Exploit
Correção
Improper Authentication
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Gobbl Cms