Yerba SACphp 6.3 and previous versions allows remote malicious users to bypass authentication and gain administrative access via a galleta[sesion] cookie that has a value beginning with 1:1: followed by a username.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
yerba yerba 6.28 |
||
yerba yerba |