CVE-2008-6939

TurnkeyForms Web Hosting Directory allows remote attackers to bypass authentication and (1) gain administrative privileges by setting the adm cookie to 1 or (2) gain privileges as another user by setting the logged cookie to the target username.

🔗 References (12)

• cve@mitrehttp://osvdb.org/49838
• cve@mitrehttp://secunia.com/advisories/32644
• cve@mitrehttp://www.securityfocus.com/bid/32283
• cve@mitrehttp://www.vupen.com/english/advisories/2008/3143
• cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/46586
• cve@mitrehttps://www.exploit-db.com/exploits/7107
• af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/49838
• af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32644
• af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/32283
• af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/3143
• af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/46586
• af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/7107