7.2 High
AI Score
Confidence
Low
0.05 Low
EPSS
Percentile
92.9%
PHPAuctions (aka PHPAuctionSystem) allows remote attackers to bypass authentication and gain administrative access via modified (1) PHPAUCTION_RM_ID, (2) PHPAUCTION_RM_NAME, (3) PHPAUCTION_RM_USERNAME, and (4) PHPAUCTION_RM_EMAIL cookies.
osvdb.org/51146
secunia.com/advisories/33331
securityreason.com/securityalert/4891
www.securityfocus.com/bid/33120
www.exploit-db.com/exploits/7674