Authentication flaw

2008-08-0819:41:00

PRIOn knowledge base

www.prio-n.com

7.8 High

AI Score

Confidence

Low

0.048 Low

EPSS

Percentile

92.7%

JSON

Free Hosting Manager 1.2 and 2.0 allows remote attackers to bypass authentication and gain administrative access by setting both the adminuser and loggedin cookies.

CPENameOperatorVersion
free_hosting_managereq1.2
free_hosting_managereq2.0

CPE	Name	Operator	Version
	free_hosting_manager	eq	1.2
	free_hosting_manager	eq	2.0

References

secunia.com/advisories/31383

securityreason.com/securityalert/4118

www.securityfocus.com/bid/30580

exchange.xforce.ibmcloud.com/vulnerabilities/44260

www.exploit-db.com/exploits/6213