CVE-2008-5497

BandSite CMS 1.1.4 - Auth Bypass

Title source: llm

Description

BandSite CMS 1.1.4 allows remote attackers to bypass authentication and gain administrative access by setting the login_auth cookie to true.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Stack · textwebappsphp
https://www.exploit-db.com/exploits/7113

References (4)

Scores

EPSS 0.0358
EPSS Percentile 87.6%

Classification

CWE
CWE-287
Status draft

Affected Products (1)

bandsitecms/bandsite_cms

Timeline

Published Dec 12, 2008
Tracked Since Feb 18, 2026