5.1
CVSSv2

CVE-2006-3772

Published: 24/07/2006 Updated: 17/10/2018
CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9
VMScore: 515
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Vulnerability Summary

PHP-Post 0.21 and 1.0, and possibly earlier versions, when auto-login is enabled, allows remote malicious users to bypass security restrictions and obtain administrative privileges by modifying the logincookie[user] setting in the login cookie.

Vulnerable Product Search on Vulmon Subscribe to Product

php-post php-post 1.0

php-post php-post 0.21

Exploits

[KAPDA::#52] - PHP-Post 10 Cookie Modification Privilege Escalation Vulnerability Vulnerable product: Tested on PHP-Post 021 and 10 Vendor: php-postcouk Vulnerability: Privilege Escalation Date: -------------------- Found: Nov 23, 2005 Vendor Contacted: Jun 01, 2006 Release Date: July 18, 2006 Vulnerability: -------------------- Pr ...