PT-2008-3789 · Unknown · Web Slider
T0Pp8Uzz
·
Published
2008-05-18
·
Updated
2017-09-29
·
CVE-2008-2298
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
Web Slider version 0.6
Description:
The issue allows remote attackers to bypass authentication and gain privileges. This is achieved by setting the
admin cookie to 1, effectively allowing unauthorized access.Recommendations:
For Web Slider version 0.6, consider disabling access to the Admin.php file until a patch is available to prevent unauthorized privilege escalation. Restrict access to sensitive areas of the application to minimize the risk of exploitation.
Exploit
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Web Slider