CVE-2009-4808
published 2010-04-23CVE-2009-4808: admin.php in Graugon PHP Article Publisher 1.0 allows remote attackers to bypass authentication and obtain administrative access by setting the g_admin cookie…
PriorityP352high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
2.76%
84.4th percentile
admin.php in Graugon PHP Article Publisher 1.0 allows remote attackers to bypass authentication and obtain administrative access by setting the g_admin cookie to 1.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| graugon | php_article_publisher | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Graugon PHP Article Publisher 1.0 - SQL Injection / Cookie Handling
exploitdb·2009-03-02
CVE-2009-4808 Graugon PHP Article Publisher 1.0 - SQL Injection / Cookie Handling
Graugon PHP Article Publisher 1.0 - SQL Injection / Cookie Handling
---
#########################################################################################
[0x01] Informations:
Name : Graugon PHP Article Publisher 1.0
Download : http://www.hotscripts.com/listings/jump/download/88458/
Vulnerability : Multiple Sql Injections / Insecure Cookie Handling
Author : x0r
Contact : [email protected]
Notes : Proud to be Italian
#########################################################################################
[0x02] Bug:
Bugged Page: index.php [..] admin.php [..] view.php
[Code]
$c = $_GET['c'];
$query = "SELECT * FROM p_categories WHERE id=$c";
$result = mysql_query($query);
[/code]
[code]
$TwoMonths = 60 * 60 * 24 * 60 + time();
setcookie(g_admin, 1, $TwoMonths);
[/code]
[
Exploit-DB
Graugon PHP Article Publisher Pro 1.5 - Insecure Cookie Handling
exploitdb·2008-11-01
CVE-2009-4808 Graugon PHP Article Publisher Pro 1.5 - Insecure Cookie Handling
Graugon PHP Article Publisher Pro 1.5 - Insecure Cookie Handling
---
[~] Article Publisher PRO Insecure Cookie Handling Vulnerability
[~]
[~] version: 1.5
[~]
[~] ----------------------------------------------------------
[~] Discovered By: ZoRLu
[~]
[~] Date: 01.11.2008
[~]
[~] Home: www.z0rlu.blogspot.com
[~]
[~] contact: [email protected]
[~]
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (
[~]
[~] N0T: a.q kpss : ) )
[~]
[~] ----------------------------------------------------------
demo admin login:
http://demo-article-publisher-pro.phparticlescript.com/admin/admin.php
demo user login:
http://demo-article-publisher-pro.phparticlescript.com/login.php
admin_name: admin
passwd: demo
passwd_md5: fe01ce2a7fbac8fafaed7c982a04e229
user_id: 1
or
user_name: zorlu
passw
No writeups or analysis indexed.
http://secunia.com/advisories/34126http://www.exploit-db.com/exploits/8133http://www.securityfocus.com/bid/33952https://exchange.xforce.ibmcloud.com/vulnerabilities/49034http://secunia.com/advisories/34126http://www.exploit-db.com/exploits/8133http://www.securityfocus.com/bid/33952https://exchange.xforce.ibmcloud.com/vulnerabilities/49034
2010-04-23
Published