exploitDog

GHSA-8h5v-x89v-rc4p

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

PHP-Post 0.21 and 1.0, and possibly earlier versions, when auto-login is enabled, allows remote attackers to bypass security restrictions and obtain administrative privileges by modifying the logincookie[user] setting in the login cookie.

PHP-Post 0.21 and 1.0, and possibly earlier versions, when auto-login is enabled, allows remote attackers to bypass security restrictions and obtain administrative privileges by modifying the logincookie[user] setting in the login cookie.

Ссылки

EPSS

Процентиль: 90%

0.05942

Низкий

CVE ID

Связанные уязвимости

CVE-2006-3772

nvd

больше 19 лет назад

PHP-Post 0.21 and 1.0, and possibly earlier versions, when auto-login is enabled, allows remote attackers to bypass security restrictions and obtain administrative privileges by modifying the logincookie[user] setting in the login cookie.

EPSS

Процентиль: 90%

0.05942

Низкий

CVE ID