Vulnerabilities > CVE-2008-6228 - Credentials Management vulnerability in Preproject PRE Multi-Vendor Shopping Malls

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
preproject
CWE-255
exploit available
NVD
Published: 2009-02-20
Updated: 2024-11-21

Summary

Pre Multi-Vendor Shopping Malls allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".

Vulnerable Configurations

Part Description Count
Application
Preproject
1

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionPre Multi-Vendor Shopping Malls Multiple Remote Vulnerabilities. CVE-2008-6227,CVE-2008-6228. Webapps exploit for php platform
fileexploits/php/webapps/6999.txt
idEDB-ID:6999
last seen2016-02-01
modified2008-11-05
platformphp
port
published2008-11-05
reporterG4N0K
sourcehttps://www.exploit-db.com/download/6999/
titlepre multi-vendor shopping malls Multiple Vulnerabilities
typewebapps

References