CVE-2008-6231

Pre Classified Listing PHP - Unauthenticated Authentication Bypass via Cookie Manipulation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2008-6231. PoCs published by G4N0K.

AI-analyzed exploit summary This is a writeup describing an insecure cookie handling vulnerability in Pre Classified Listings PHP. It demonstrates how an attacker can set admin cookies via JavaScript to bypass authentication.

Description

Pre Classified Listing PHP allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".

Exploits (2)

exploitdb WRITEUP VERIFIED
by G4N0K · textwebappsphp
https://www.exploit-db.com/exploits/7000

This is a writeup describing an insecure cookie handling vulnerability in Pre Classified Listings PHP. It demonstrates how an attacker can set admin cookies via JavaScript to bypass authentication.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Pre Classified Listings PHP
No auth needed
Prerequisites: Access to the target's admin panel URL
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC
webappsphp
https://www.exploit-db.com/exploits/6998

This exploit demonstrates an insecure cookie handling vulnerability in PRE SHOPPING MALL, allowing an attacker to bypass authentication by setting admin cookies via JavaScript.

Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: PRE SHOPPING MALL (version not specified)
No auth needed
Prerequisites: Access to the target's admin login page
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/46390
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/3019
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/32126
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/7000
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32557

Scores

EPSS 0.0291
EPSS Percentile 85.2%

Details

CWE
CWE-255
Status published
Products (1)
preprojects/pre_classified_listings
Published Feb 20, 2009
Tracked Since Feb 18, 2026