The isLoggedIn function in fastnews-code.php in phpFastNews 1.0.0 allows remote malicious users to bypass authentication and gain administrative access by setting the fn-loggedin cookie to 1.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpfastnews phpfastnews 1.0.0 |