The "remember me" functionality in login.php in Burden prior to 1.8.1 allows remote malicious users to bypass authentication and gain privileges by setting the burden_user_rememberme cookie to 1.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
burden project burden |