Описание
Atomic Photo Album 1.1.0 pre4 does not properly handle the apa_cookie_login and apa_cookie_password cookies, which probably allows remote attackers to bypass authentication and gain administrative access via modified cookies.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:atomic_photo_album:atomic_photo_album:1.1.0:pre4:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02259
Низкий
7.5 High
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
больше 3 лет назад
Atomic Photo Album 1.1.0 pre4 does not properly handle the apa_cookie_login and apa_cookie_password cookies, which probably allows remote attackers to bypass authentication and gain administrative access via modified cookies.
EPSS
Процентиль: 84%
0.02259
Низкий
7.5 High
CVSS2
Дефекты
CWE-287