CVE-2008-6118

Name of the Vulnerable Software and Affected Versions Goople CMS version 1.7

Description The issue allows remote attackers to bypass authentication and gain administrative access. This is achieved by setting the loggedin cookie to 1, which is associated with the win/content/upload.php file in Goople CMS.

Recommendations For Goople CMS version 1.7, consider temporarily restricting access to the win/content/upload.php file until a patch is available. Additionally, avoid relying solely on the loggedin cookie for authentication, and implement alternative authentication measures to minimize the risk of exploitation.