Vulnerability Description
Tribiq CMS 5.0.9a beta allows remote attackers to bypass authentication and gain administrative access by setting the COOKIE_LAST_ADMIN_USER and COOKIE_LAST_ADMIN_LANG cookies. NOTE: a third party reports that the vendor disputes the existence of this issue
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tribiq | Tribiq Cms | 5.0.9a |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/32001Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46237
- https://www.exploit-db.com/exploits/6886
- http://www.securityfocus.com/bid/32001Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46237
- https://www.exploit-db.com/exploits/6886
FAQ
What is CVE-2008-6804?
CVE-2008-6804 is a vulnerability with a CVSS score of 7.5 (HIGH). Tribiq CMS 5.0.9a beta allows remote attackers to bypass authentication and gain administrative access by setting the COOKIE_LAST_ADMIN_USER and COOKIE_LAST_ADMIN_LANG cookies. NOTE: a third party re...
How severe is CVE-2008-6804?
CVE-2008-6804 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-6804?
Check the references section above for vendor advisories and patch information. Affected products include: Tribiq Tribiq Cms.