CVE-2009-4546

2010-01-0417:00:00

mitre

www.cve.org

7.1 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.4%

JSON

globepersonnel_login.asp in Logoshows BBS 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the (1) pb_username (aka pb%5Fusername) and (2) level cookies.

References

www.exploit-db.com/exploits/9400

exchange.xforce.ibmcloud.com/vulnerabilities/52366