CVE-2008-6228

Preproject Pre Multi-vendor Shopping Malls - Credentials Management

Title source: rule

Description

Pre Multi-Vendor Shopping Malls allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".

Exploits (1)

exploitdb WORKING POC VERIFIED

by G4N0K · textwebappsphp

https://www.exploit-db.com/exploits/6999

View Code ZIP pw:eip

References (3)

Core 3

Core References

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2008/3018

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/46388

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/6999

Scores

EPSS 0.0226

EPSS Percentile 84.7%

Details

CWE

CWE-255

Status published

Products (1)

preproject/pre_multi-vendor_shopping_malls

Published Feb 20, 2009

Tracked Since Feb 18, 2026