Back to search
CVE-2008-6743
Published: Apr 22, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
RSMScript 1.21 allows remote attackers to bypass authentication and gain administrative privileges by setting the verified cookie to an arbitrary value and performing a direct request to (1) delete.php, (2) edit-submit.php, (3) edit.php, (4) submit.php, and (5) update.php, which bypasses the security check that is performed by verify.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
rsmscript-verify-security-bypass(47451)
vdb-entry
x_refsource_XF
50802
vdb-entry
x_refsource_OSVDB
32886
vdb-entry
x_refsource_BID
7497
exploit
x_refsource_EXPLOIT-DB
33150
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now