Vulnerability Description
index.php in ADN Forum 1.0b and earlier allows remote attackers to bypass authentication and gain sysop access via a fpusuario cookie composed of an initial sysop: string, an arbitrary password field, and a final :sysop:0 string.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adnforum | Adnforum | <= 1.0b |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/18300Vendor Advisory
- http://www.securityfocus.com/bid/31383Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45400
- https://www.exploit-db.com/exploits/6557
- http://secunia.com/advisories/18300Vendor Advisory
- http://www.securityfocus.com/bid/31383Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45400
- https://www.exploit-db.com/exploits/6557
FAQ
What is CVE-2008-6001?
CVE-2008-6001 is a vulnerability with a CVSS score of 7.5 (HIGH). index.php in ADN Forum 1.0b and earlier allows remote attackers to bypass authentication and gain sysop access via a fpusuario cookie composed of an initial sysop: string, an arbitrary password field,...
How severe is CVE-2008-6001?
CVE-2008-6001 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-6001?
Check the references section above for vendor advisories and patch information. Affected products include: Adnforum Adnforum.