Authentication flaw

2009-05-0723:30:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

Low

0.054 Low

EPSS

Percentile

93.1%

JSON

index.php in PHP Site Lock 2.0 allows remote attackers to bypass authentication and obtain administrative access by setting the login_id, group_id, login_name, user_id, and user_type cookies to certain values.

CPENameOperatorVersion
php_site_lockeq2.0

CPE	Name	Operator	Version
	php_site_lock	eq	2.0

References

osvdb.org/54203

secunia.com/advisories/34995

www.vupen.com/english/advisories/2009/1249

exchange.xforce.ibmcloud.com/vulnerabilities/50304

www.exploit-db.com/exploits/8604