Описание
OTManager CMS 2.4 allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMIN_Hora, ADMIN_Logado, and ADMIN_Nome cookies to certain values, as reachable in Admin/index.php.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:otmanager:otmanager_cms:2.4:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.01064
Низкий
7.5 High
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
больше 3 лет назад
OTManager CMS 2.4 allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMIN_Hora, ADMIN_Logado, and ADMIN_Nome cookies to certain values, as reachable in Admin/index.php.
EPSS
Процентиль: 77%
0.01064
Низкий
7.5 High
CVSS2
Дефекты
CWE-287