← back
CVE-2008-6743

CVE-2008-6743

EPSS 2.6%
RSMScript 1.21 allows remote attackers to bypass authentication and gain administrative privileges by setting the verified cookie to an arbitrary value and performing a direct request to (1) delete.php, (2) edit-submit.php, (3) edit.php, (4) submit.php, and (5) update.php, which bypasses the security check that is performed by verify.php.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/7497unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://osvdb.org/50802http://secunia.com/advisories/33150https://exchange.xforce.ibmcloud.com/vulnerabilities/47451https://www.exploit-db.com/exploits/7497http://www.securityfocus.com/bid/32886