CVE-2008-6232

Preprojects Pre Shopping Mall - Credentials Management

Title source: rule

Description

Pre Shopping Mall allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".

Exploits (2)

exploitdb WRITEUP VERIFIED

by G4N0K · textwebappsphp

https://www.exploit-db.com/exploits/6998

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by G4N0K · textwebappsphp

https://www.exploit-db.com/exploits/7000

View Code ZIP pw:eip

References (4)

Core 4

Core References

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2008/3017

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/6998

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/48984

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/32557

Scores

EPSS 0.0386

EPSS Percentile 88.3%

Details

CWE

CWE-255

Status published

Products (1)

preprojects/pre_shopping_mall

Published Feb 20, 2009

Tracked Since Feb 18, 2026