CVE-2008-7024

EPSS 2.5%

admin.php in Arz Development The Gemini Portal 4.7 and earlier allows remote attackers to bypass authentication and gain administrator privileges by setting the user cookie to "admin" and setting the name parameter to "users."

Affected products

n/a · n/a

public PoCs found — 1

cve_referencewww.exploit-db.com/exploits/6584unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://osvdb.org/48639 http://secunia.com/advisories/32057 https://exchange.xforce.ibmcloud.com/vulnerabilities/45439 https://www.exploit-db.com/exploits/6584 http://www.securityfocus.com/archive/1/496761/100/0/threaded http://www.securityfocus.com/bid/31429