OTManager CMS 2.4 allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMIN_Hora, ADMIN_Logado, and ADMIN_Nome cookies to certain values, as reachable in Admin/index.php.
CPE | Name | Operator | Version |
---|---|---|---|
otmanager_cms | eq | 2.4 |