CVE-2009-0108
PHPAuctions (aka PHPAuctionSystem) has a remote authentication bypass vulnerability where an attacker can gain administrative access by tampering with cookies: PHPAUCTION_RM_ID, PHPAUCTION_RM_NAME, PHPAUCTION_RM_USERNAME, and PHPAUCTION_RM_EMAIL. The provided documents state the issue but do not ...