CVE-2008-3211

Scripteen Free Image Hosting Script <1.2.1 - Auth Bypass

Title source: llm

Description

Scripteen Free Image Hosting Script 1.2 and 1.2.1 allows remote attackers to bypass authentication and gain administrative access by setting the cookid cookie value to 1.

Exploits (1)

exploitdb WORKING POC VERIFIED

by RMx · phpwebappsphp

https://www.exploit-db.com/exploits/6070

View Code ZIP pw:eip

References (6)

[Vendor Advisory] http://secunia.com/advisories/31083

[Third Party Advisory] http://www.vupen.com/english/advisories/2008/2106/references

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/43771

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/30217

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/6070

[Third Party Advisory] http://securityreason.com/securityalert/4014

Scores

EPSS 0.0513

EPSS Percentile 89.7%

Classification

CWE

CWE-287

Status draft

Affected Products (2)

scripteen/free_image_hosting_script

Timeline

Published Jul 18, 2008

Tracked Since Feb 18, 2026