CVE-2008-7024

2009-08-2114:00:00

mitre

www.cve.org

7.1 High

AI Score

Confidence

Low

0.106 Low

EPSS

Percentile

95.1%

JSON

admin.php in Arz Development The Gemini Portal 4.7 and earlier allows remote attackers to bypass authentication and gain administrator privileges by setting the user cookie to “admin” and setting the name parameter to “users.”

References

osvdb.org/48639

secunia.com/advisories/32057

www.securityfocus.com/archive/1/496761/100/0/threaded

www.securityfocus.com/bid/31429

exchange.xforce.ibmcloud.com/vulnerabilities/45439

www.exploit-db.com/exploits/6584