CVE-2007-4416

Name of the Vulnerable Software and Affected Versions BellaBook (affected versions not specified)

Description The issue allows remote attackers to potentially obtain administrative privileges. This is achieved by sending the admin's username (admin name) in a pheap login cookie. The vendor disputes this issue, citing that authentication data is derived from the admin pass and secret variables, in addition to the admin name. Furthermore, the exploit code is reportedly designed for an unrelated application.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.