PT-2008-4810 · Phplinkat · Phplinkat
Encrypt3D.M!Nd
·
Published
2008-07-31
·
Updated
2017-09-29
·
CVE-2008-3407
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
phpLinkat version 0.1
Description
The issue allows remote attackers to bypass authentication and access unspecified pages under the admin/ section by sending a specific cookie, namely
login=right.Recommendations
For phpLinkat version 0.1, consider restricting access to the admin/ section until a patch is available. As a temporary workaround, avoid using the
login cookie or restrict its usage to minimize the risk of exploitation.Exploit
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Phplinkat