3 matches found
CVE-2010-1097
include/userlogin.class.php in DeDeCMS 5.5 GBK, when session.autostart is enabled, allows remote attackers to bypass authentication and gain administrative access via a value of 1 for the SESSIONdedeadminid parameter, as demonstrated by a request to uploads/include/dialog/selectsoftpost.php...
CVE-2010-1097
CVE-2010-1097 affects DeDeCMS 5.5 GBK, where enabling session.auto_start allows remote attackers to bypass authentication and gain administrative access by setting _SESSION[dede_admin_id] to 1, demonstrated via uploads/include/dialog/select_soft_post.php. The vulnerability stems from improper ses...
CVE-2010-1097
include/userlogin.class.php in DeDeCMS 5.5 GBK, when session.autostart is enabled, allows remote attackers to bypass authentication and gain administrative access via a value of 1 for the SESSIONdedeadminid parameter, as demonstrated by a request to uploads/include/dialog/selectsoftpost.php...