CVE-2008-5873
Yerba SACphp < 6.3 - Unauthenticated Authentication Bypass via galleta[sesion] Cookie
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2008-5873. PoCs published by StAkeR.
AI-analyzed exploit summary This is a writeup detailing multiple vulnerabilities in Yerba SACphp <= 6.3, including admin login bypass, privilege escalation, arbitrary database download, and arbitrary admin addition via crafted SID parameters. No executable exploit code is provided.
Description
Yerba SACphp 6.3 and earlier allows remote attackers to bypass authentication and gain administrative access via a galleta[sesion] cookie that has a value beginning with 1:1: followed by a username.
Exploits (1)
This is a writeup detailing multiple vulnerabilities in Yerba SACphp <= 6.3, including admin login bypass, privilege escalation, arbitrary database download, and arbitrary admin addition via crafted SID parameters. No executable exploit code is provided.