Описание
admin.php in Digi-news 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:digi-fx:digi-news:1.1:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02558
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
admin.php in Digi-news 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password.
EPSS
Процентиль: 85%
0.02558
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other