Authentication flaw

2008-10-2317:17:00

PRIOn knowledge base

www.prio-n.com

7.8 High

AI Score

Confidence

Low

0.021 Low

EPSS

Percentile

89.3%

BbZL.PhP 0.92 allows remote attackers to bypass authentication and gain administrative access by setting the phorum_admin_session cookie to 1.

CPENameOperatorVersion
bbzl.phpeq0.92

CPE	Name	Operator	Version
	bbzl.php	eq	0.92

References

securityreason.com/securityalert/4495

www.securityfocus.com/bid/31462

exchange.xforce.ibmcloud.com/vulnerabilities/45498

www.exploit-db.com/exploits/6621