CVE-2008-7179

Name of the Vulnerable Software and Affected Versions OTManager CMS version 2.4

Description The issue allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMIN Hora, ADMIN Logado, and ADMIN Nome cookies to certain values. This is reachable in the "Admin/index.php" endpoint.

Recommendations For OTManager CMS version 2.4, as a temporary workaround, consider restricting access to the "Admin/index.php" endpoint until a patch is available. Additionally, avoid using the ADMIN Hora, ADMIN Logado, and ADMIN Nome cookies in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.