Vulnerability Description
Techno Dreams Job Career Package 3.0 allows remote attackers to bypass authentication and obtain administrative access by setting the JobCareerAdmin cookie to Login.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| T-Dreams | Job Career Package | 3.0 |
Related Weaknesses (CWE)
References
- http://osvdb.org/54278Exploit
- http://secunia.com/advisories/34996Vendor Advisory
- http://www.securityfocus.com/bid/34865Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50370
- https://www.exploit-db.com/exploits/8627
- http://osvdb.org/54278Exploit
- http://secunia.com/advisories/34996Vendor Advisory
- http://www.securityfocus.com/bid/34865Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50370
- https://www.exploit-db.com/exploits/8627
FAQ
What is CVE-2009-1638?
CVE-2009-1638 is a vulnerability with a CVSS score of 7.5 (HIGH). Techno Dreams Job Career Package 3.0 allows remote attackers to bypass authentication and obtain administrative access by setting the JobCareerAdmin cookie to Login.
How severe is CVE-2009-1638?
CVE-2009-1638 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-1638?
Check the references section above for vendor advisories and patch information. Affected products include: T-Dreams Job Career Package.