cbcvebase.
CVE-2008-3319
published 2008-07-25

CVE-2008-3319: admin/index.php in Maian Links 3.1 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary…

PriorityP260high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
7.77%
93.9th percentile
admin/index.php in Maian Links 3.1 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary links_cookie cookie.

Affected

1 ranges
VendorProductVersion rangeFixed in
maianlinks<= 3.1

Detection & IOCsextracted from sources · hover to see the quote

cookielinks_cookie=1
path/admin/index.php
  • Detect authentication bypass attempts against admin/index.php by checking for the presence of the 'links_cookie' cookie with any arbitrary value in requests to that path — the application only checks cookie existence, not its content.
  • Alert on HTTP requests to /admin/index.php that include a 'links_cookie' cookie from unauthenticated or unexpected sources, as any value will grant administrative access.
  • ·The vulnerability affects Maian Links 3.1 and earlier; the cookie check is purely existence-based, meaning any value set for 'links_cookie' will bypass authentication — no specific value is required.
  • ·Google dork can be used to identify exposed instances of the vulnerable application.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.