EXPLOITDB-EDB-6862

EXPLOITDB text VERIFIED WORKING POC

Exploit for EIP-2026-107546 - H2O-CMS 3.4 - Insecure Cookie Handling

AI Analysis

This exploit demonstrates an insecure cookie handling vulnerability in H2O-CMS <= 3.4, allowing an attacker to set an 'admin' cookie via JavaScript to bypass authentication.

Attack Type

auth_bypass

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1552 - Unsecured Credentials

Loading exploit code...

Download ZIP Password: eip

Source

Platform Exploitdb

Type webapps

Platform php

Language text

Files 1

https://www.exploit-db.com/exploits/6862

Authors

Stack Mountassif Moad

Vulnerability

EIP-2026-107546

H2O-CMS 3.4 - Insecure Cookie Handling