Lucene search
MitreCVE-2008-4600HistoryOct 18, 2008 - 12:18 a.m.
CVE-2008-4600
2008-10-1800:18:53
CWE-264
mitre
web.nvd.nist.gov
22
pokermax
poker
league
tournament
script
configure.php
cve-2008-4600
authentication bypass
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.037
Percentile
91.9%
configure.php in PokerMax Poker League Tournament Script 0.13 allows remote attackers to bypass authentication and gain administrative access by setting the ValidUserAdmin cookie.
Affected configurations
Node
steve_dawsonpokermax_poker_league_tournament_scriptMatch0.13
| Vendor | Product | Version | CPE |
|---|---|---|---|
| steve_dawson | pokermax_poker_league_tournament_script | 0.13 | cpe:2.3:a:steve_dawson:pokermax_poker_league_tournament_script:0.13:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
PokerMax Poker League 0.13 - Insecure Cookie Handling
2008-10-16 00:00:00
prion
prion
Authentication flaw
2008-10-18 00:18:00
cvelist
cvelist
CVE-2008-4600
2008-10-17 22:00:00
nvd
nvd
CVE-2008-4600
2008-10-18 00:18:53
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.037
Percentile
91.9%
Related for CVE-2008-4600