Phshoutbox Final

DATE	CVE	VULNERABILITY TITLE	RISK
2008-04-27	CVE-2008-1971	Improper Authentication vulnerability in PHPhq Phshoutbox Final phShoutBox Final 1.5 and earlier only checks passwords when specified in $_POST, which allows remote attackers to gain privileges by setting the (1) phadmin cookie to admin.php, or (2) in 1.4 and earlier, the ssbadmin cookie to shoutadmin.php. network low complexity phphq CWE-287	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.