Описание
delcookie.php in Professional Home Page Tools Guestbook changes the expiration date of a cookie instead of deleting the cookie's value, which makes it easier for attackers to steal the cookie and obtain the administrator's password hash after logout.
delcookie.php in Professional Home Page Tools Guestbook changes the expiration date of a cookie instead of deleting the cookie's value, which makes it easier for attackers to steal the cookie and obtain the administrator's password hash after logout.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-3837
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27775
- http://artemis.abenteuer-mittelerde.de/pub/adv02-phptgb.txt
- http://secunia.com/advisories/21102
- http://securityreason.com/securityalert/1275
- http://www.securityfocus.com/archive/1/440421/100/0/threaded
EPSS
CVE ID
Связанные уязвимости
delcookie.php in Professional Home Page Tools Guestbook changes the expiration date of a cookie instead of deleting the cookie's value, which makes it easier for attackers to steal the cookie and obtain the administrator's password hash after logout.
EPSS