Vulnerabilities > CVE-2008-6231 - Credentials Management vulnerability in Preprojects PRE Classified Listings
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Pre Classified Listing PHP allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
description Pre Shopping Mall Insecure Cookie Handling Vulnerability. CVE-2008-6231,CVE-2008-6232. Webapps exploit for php platform file exploits/php/webapps/6998.txt id EDB-ID:6998 last seen 2016-02-01 modified 2008-11-05 platform php port published 2008-11-05 reporter G4N0K source https://www.exploit-db.com/download/6998/ title Pre Shopping Mall Insecure Cookie Handling Vulnerability type webapps description Pre Classified Listings Insecure Cookie Handling Vulnerability. CVE-2008-6231,CVE-2008-6232. Webapps exploit for php platform file exploits/php/webapps/7000.txt id EDB-ID:7000 last seen 2016-02-01 modified 2008-11-05 platform php port published 2008-11-05 reporter G4N0K source https://www.exploit-db.com/download/7000/ title Pre Classified Listings Insecure Cookie Handling Vulnerability type webapps
References
- http://secunia.com/advisories/32557
- http://secunia.com/advisories/32557
- http://www.securityfocus.com/bid/32126
- http://www.securityfocus.com/bid/32126
- http://www.vupen.com/english/advisories/2008/3019
- http://www.vupen.com/english/advisories/2008/3019
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46390
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46390
- https://www.exploit-db.com/exploits/7000
- https://www.exploit-db.com/exploits/7000