admin.php in Maran PHP Shop allows remote malicious users to bypass authentication and gain administrative access by setting the user cookie to "demo."
# Maran PHP Shop (adminphp) Insecure Cookie Handling Vulnerability
# url: wwwmaranpamil-visionscom/maranshopphp
#
# Author: JosS
# mail: sys-project[at]hotmail[dot]com
# site: spanish-hackerscom
# team: Spanish Hackers Team - [SHT]
#
# This was written for educational purpose Use it at your own risk
# Author will be not respon ...