CVE-2008-3211

Scripteen Free Image Hosting Script <1.2.1 - Auth Bypass

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-3211. PoCs published by RMx.

AI-analyzed exploit summary This PHP script exploits an information disclosure vulnerability in Scripteen Free Image Hosting Script V1.2 by sending a crafted HTTP request with a specific cookie to retrieve admin credentials from the settings.php page.

Description

Scripteen Free Image Hosting Script 1.2 and 1.2.1 allows remote attackers to bypass authentication and gain administrative access by setting the cookid cookie value to 1.

Exploits (1)

exploitdb WORKING POC VERIFIED

by RMx · phpwebappsphp

https://www.exploit-db.com/exploits/6070

View Code ZIP pw:eip

This PHP script exploits an information disclosure vulnerability in Scripteen Free Image Hosting Script V1.2 by sending a crafted HTTP request with a specific cookie to retrieve admin credentials from the settings.php page.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Scripteen Free Image Hosting Script V1.2

No auth needed

Prerequisites: Target must be running Scripteen Free Image Hosting Script V1.2 · Target must be accessible via HTTP

MITRE ATT&CK