The function in charge to check whether the user is already logged in init.php in Interspire Email Marketer (IEM) before 6.1.6 allows remote malicious users to bypass authentication and obtain administrative access by using the IEM_CookieLogin cookie with a specially crafted value.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
interspire email marketer |