cbcvebase.
CVE-2009-3421
published 2009-09-25

CVE-2009-3421: login.php in Zenas PaoBacheca Guestbook 2.1, when register_globals is enabled, allows remote attackers to bypass authentication and gain administrative access…

PriorityP263critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
4.99%
91.1th percentile
login.php in Zenas PaoBacheca Guestbook 2.1, when register_globals is enabled, allows remote attackers to bypass authentication and gain administrative access by setting the login_ok parameter to 1.

Affected

1 ranges
VendorProductVersion rangeFixed in
zenaspao-bacheca_guestbook

Detection & IOCsextracted from sources · hover to see the quote

urlhttp://127.0.0.1/[path]/login.php?login_ok=1
path/login.php
  • Detect GET requests to login.php containing the query parameter 'login_ok=1', which indicates an authentication bypass attempt against PaoBacheca Guestbook 2.1.
  • Flag unauthenticated access to the admin area following a request to login.php with login_ok=1 in the query string; exploitation requires register_globals to be enabled on the server.
  • ·Exploitation is only possible when PHP's register_globals directive is enabled (register_globals = on). Servers with register_globals disabled are not vulnerable.

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.