CVE-2008-6231

Preprojects Pre Classified Listings - Credentials Management

Title source: rule

Description

Pre Classified Listing PHP allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".

Exploits (2)

exploitdb WRITEUP VERIFIED

by G4N0K · textwebappsphp

https://www.exploit-db.com/exploits/7000

View Code ZIP pw:eip

exploitdb WORKING POC

webappsphp

https://www.exploit-db.com/exploits/6998

View Code ZIP pw:eip

References (5)

[Vendor Advisory] http://secunia.com/advisories/32557

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/32126

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/7000

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/46390

[Third Party Advisory] http://www.vupen.com/english/advisories/2008/3019

Scores

EPSS 0.0393

EPSS Percentile 88.4%

Details

CWE

CWE-255

Status published

Products (1)

preprojects/pre_classified_listings

Published Feb 20, 2009

Tracked Since Feb 18, 2026