2 matches found
EUVD-2017-3327
Malware in sbrugna...
Design/Logic Flaw
In Metinfo 6.1.3, include/interface/applogin.php allows setting arbitrary HTTP headers including the Cookie header, and common.inc.php allows registering variables from the $COOKIE value. This issue can, for example, be exploited in conjunction with CVE-2018-19835 to bypass many XSS filters such ...