Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 31/12/2003 Updated: 11/07/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

index2.php in Mambo 4.0.12 allows remote malicious users to gain administrator access via a URL request where session_id is set to the MD5 hash of a session cookie.

Vulnerable Product	Search on Vulmon	Subscribe to Product

source: wwwsecurityfocuscom/bid/6926/info Mambo Site Server may grant access without sufficiently validating cookie based authentication credentials It has been reported that Mambo will accept a user cookie sent by the site as an administrative credential To exploit this issue, the attacker must receive a cookie (such as the one issued ...

NVD-CWE-Other http://archives.neohapsis.com/archives/bugtraq/2003-02/0302.html http://www.securityfocus.com/bid/6926 https://exchange.xforce.ibmcloud.com/vulnerabilities/11398 https://nvd.nist.gov https://www.exploit-db.com/exploits/22281/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2003-1245

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect