CVE-2008-4708

Sylvain Pasquet Bbzl.php - Authentication Bypass

Title source: rule

Description

BbZL.PhP 0.92 allows remote attackers to bypass authentication and gain administrative access by setting the phorum_admin_session cookie to 1.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Stack · textwebappsphp
https://www.exploit-db.com/exploits/6621

References (4)

Scores

EPSS 0.0226
EPSS Percentile 84.4%

Classification

CWE
CWE-287
Status draft

Affected Products (1)

sylvain_pasquet/bbzl.php

Timeline

Published Oct 23, 2008
Tracked Since Feb 18, 2026