Описание
user.php in NextBBS 0.6 allows remote attackers to bypass authentication and gain administrator access by setting the userkey cookie to 1.
user.php in NextBBS 0.6 allows remote attackers to bypass authentication and gain administrator access by setting the userkey cookie to 1.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2012-1602
- http://archives.neohapsis.com/archives/bugtraq/2012-03/0135.html
- http://packetstormsecurity.org/files/111250/NextBBS-0.6.0-Authentication-Bypass-SQL-Injection-XSS.html
- http://www.openwall.com/lists/oss-security/2012/03/29/8
- http://www.openwall.com/lists/oss-security/2012/03/30/2
- http://www.osvdb.org/80626
- http://www.securityfocus.com/bid/52728
- http://www.waraxe.us/advisory-80.html
Связанные уязвимости
nvd
больше 13 лет назад
user.php in NextBBS 0.6 allows remote attackers to bypass authentication and gain administrator access by setting the userkey cookie to 1.