Authentication flaw

2008-10-2320:00:00

PRIOn knowledge base

www.prio-n.com

7.8 High

AI Score

Confidence

Low

0.022 Low

EPSS

Percentile

89.6%

JSON

PHP Jabbers Post Comment 3.0 allows remote attackers to bypass authentication and gain administrative access by setting the PostCommentsAdmin cookie to “logged.”

CPENameOperatorVersion
post_commenteq2.0

CPE	Name	Operator	Version
	post_comment	eq	2.0

References

secunia.com/advisories/27991

securityreason.com/securityalert/4502

exchange.xforce.ibmcloud.com/vulnerabilities/45503

www.exploit-db.com/exploits/6625