MyBlog 0.9.8 and previous versions allows remote malicious users to bypass authentication requirements via the admin cookie parameter to certain admin files, as demonstrated by admin/settings.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
myblog myblog |