CVE-2008-4784
published 2008-10-29CVE-2008-4784: aflog 1.01 allows remote attackers to bypass authentication and gain administrative access by setting the aflog_auth_a cookie to "A" or "O" in (1)…
PriorityP353high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
2.77%
84.5th percentile
aflog 1.01 allows remote attackers to bypass authentication and gain administrative access by setting the aflog_auth_a cookie to "A" or "O" in (1) edit_delete.php, (2) edit_cat.php, (3) edit_lock.php, and (4) edit_form.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| aflog | aflog | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://securityreason.com/securityalert/4524http://www.securityfocus.com/bid/31894https://exchange.xforce.ibmcloud.com/vulnerabilities/46083https://www.exploit-db.com/exploits/6818http://securityreason.com/securityalert/4524http://www.securityfocus.com/bid/31894https://exchange.xforce.ibmcloud.com/vulnerabilities/46083https://www.exploit-db.com/exploits/6818
2008-10-29
Published