CVE-2008-6714
CVE-2008-6714 affects xeCMS 1.0.0 RC2 and earlier. The admin.php module allows remote attackers to bypass authentication and access the admin panel by setting the xecms_username cookie, effectively elevating access without valid credentials. Root cause: authentication bypass via manipulated cooki...