Surf-Net ASP Forum prior to 2.30 uses easily guessable cookies based on the UserID, which allows remote malicious users to gain administrative privileges by calculating the value of the admin cookie (UserID 1), i.e. "0888888."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
surf-net asp forum 2.20 |
||
surf-net asp forum |