Vulnerabilities > CVE-2004-1847 - Multiple vulnerability in Expinion.net News Manager Lite
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
News Manager Lite 2.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMIN parameter in the NEWS_LOGIN cookie.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Expinion.net News Manager Lite 2.5 NEWS_LOGIN Cookie ADMIN Parameter Manipulation Admin Authentication Bypass. CVE-2004-1847. Webapps exploit for asp platform |
id | EDB-ID:23863 |
last seen | 2016-02-02 |
modified | 2004-03-20 |
published | 2004-03-20 |
reporter | Manuel Lopez |
source | https://www.exploit-db.com/download/23863/ |
title | Expinion.net News Manager Lite 2.5 NEWS_LOGIN Cookie ADMIN Parameter Manipulation Admin Authentication Bypass |