PT-2009-2519 · Blizzard+1 · Wow Raid Manager+1

Published: 2009-08-24 · Updated: 2009-08-24 · CVE-2008-7050

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: WoW Raid Manager version 3.5.1

Description: The issue concerns the password check function in the auth/auth_phpbb3.php file when using PHPBB3 authentication. It has two main problems: (1) it does not correctly invoke the CheckPassword function with the necessary arguments, leading to authentication failures, and (2) it returns true instead of false when an authentication failure occurs. This allows remote attackers to bypass authentication with any password, potentially gaining privileges.

Recommendations: For WoW Raid Manager version 3.5.1, apply Patch 1 to fix the authentication bypass issue in the password check function.


Related identifiers: CVE-2008-7050

Affected products: Phpbb3, Wow Raid Manager