Exploitation Summary
EIP tracks 1 public exploit for CVE-2008-5065. PoCs published by x0r.
AI-analyzed exploit summary This exploit demonstrates an insecure cookie handling vulnerability in TlGuestBook v1.2, allowing an attacker to set an admin cookie via JavaScript, bypassing authentication.
Description
TlGuestBook 1.2 allows remote attackers to bypass authentication and gain administrative access by setting the tlGuestBook_login cookie to admin.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by x0r · textwebappsphp
https://www.exploit-db.com/exploits/6860
This exploit demonstrates an insecure cookie handling vulnerability in TlGuestBook v1.2, allowing an attacker to set an admin cookie via JavaScript, bypassing authentication.
Classification
Working Poc 100%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target:
TlGuestBook v1.2
No auth needed
Prerequisites:
Victim must execute the provided JavaScript code
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (3)
Core 3
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/31958
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/6860
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/4585
Scores
EPSS
0.0258
EPSS Percentile
83.2%
Details
CWE
CWE-287
Status
published
Products (1)
easy-script/tlguesbook
1.2
Published
Nov 13, 2008
Tracked Since
Feb 18, 2026