CVE-2008-3318
Published 2008-07-25
Priority: P2 (60) · high · 7.5 (CVSS 2.0)
CVSS 2.0 vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 8.10% (94.1th percentile)
admin/index.php in Maian Weblog 4.0 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary weblog_cookie cookie.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| maian | weblog | <= 3.1 | — |
| maian | weblog | <= 4.0 | — |
Detection & IOCs (extracted from sources)
- Detect the authentication bypass by monitoring requests to /admin/index.php that carry any 'weblog_cookie' cookie value: the application only checks that the cookie exists, not its content.
- Alert on HTTP requests to admin/index.php in Maian Weblog that include a 'weblog_cookie' cookie from unauthenticated or unexpected sources.
- Exposed Maian Weblog instances can be identified with the search engine dork 'Powered by Maian Weblog v4.0'.
- Any arbitrary value for the weblog_cookie cookie grants admin access. The vulnerability is in the existence check, not in value validation, so blocking a specific cookie value is insufficient; the entire cookie-based auth logic must be replaced.
No detection rules found.
No writeups or analysis indexed.
- http://secunia.com/advisories/30943
- http://www.maianscriptworld.co.uk/free-php-scripts/maian-weblog/development/index.html
- http://www.maianscriptworld.co.uk/news.html
- http://www.securityfocus.com/bid/30209
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43751
- https://www.exploit-db.com/exploits/6064