|
CVE Reference: CVE-2008-1904
|
|
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.
|
|
Original Page at CVE MITRE:
CVE-2008-1904
|
|
Description:
Cicoandcico CcMail 1.0.1 and earlier does not verify that the this_cookie cookie corresponds to an authenticated session, which allows remote attackers to obtain access to the "admin area" via a modified this_cookie cookie.
|
|
CVE Status:
Candidate
|
|
References:
SAID
Secunia Advisory: SA29812
MILW0RM
http://www.milw0rm.com/exploits/5433
BID
28751
|
|
|
Return to the previous page.
|
