CVE-2008-5784

CRITICAL

V3 Chat - Profiles/Dating Script 3.0.2 - Auth Bypass

Title source: llm

Description

V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to bypass authentication and gain administrative access by setting the admin cookie to 1.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Stack · textwebappsphp

https://www.exploit-db.com/exploits/7063

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Cyber-Zone · textwebappsphp

https://www.exploit-db.com/exploits/7069

View Code ZIP pw:eip

References (5)

[Broken Link, Vendor Advisory] http://secunia.com/advisories/32603

[Broken Link, Exploit, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/32216

[Broken Link] http://www.vupen.com/english/advisories/2008/3071

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/46479

[Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/7063

Scores

CVSS v3 9.8

EPSS 0.0579

EPSS Percentile 90.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-565

Status published

Products (1)

v3chat/v3_chat_profiles_dating_script 3.0.2

Published Dec 31, 2008

Tracked Since Feb 18, 2026