Exploitation Summary
EIP tracks 1 public exploit for CVE-2008-6092. PoCs published by Crackers_Child.
AI-analyzed exploit summary This exploit leverages insecure cookie handling in Ranking Script to bypass authentication by setting an admin cookie via JavaScript. The attacker can then access the admin panel to modify site data.
Description
phpscripts Ranking Script allows remote attackers to bypass authentication and gain administrative access by sending an admin=ja cookie.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Crackers_Child · textwebappsphp
https://www.exploit-db.com/exploits/6649
This exploit leverages insecure cookie handling in Ranking Script to bypass authentication by setting an admin cookie via JavaScript. The attacker can then access the admin panel to modify site data.
Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target:
Ranking Script (version unspecified)
No auth needed
Prerequisites:
Victim must execute the provided JavaScript snippet · Target must be using a vulnerable version of Ranking Script
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/31527
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/32076
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/45604
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/6649
Scores
EPSS
0.0263
EPSS Percentile
83.6%
Details
CWE
CWE-287
Status
published
Products (1)
phpscripts/ranking-script
Published
Feb 09, 2009
Tracked Since
Feb 18, 2026