CVE-2008-6232

Pre Shopping Mall - Unauthenticated Authentication Bypass via Cookie Manipulation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2008-6232. PoCs published by G4N0K.

AI-analyzed exploit summary This exploit demonstrates an insecure cookie handling vulnerability in PRE SHOPPING MALL, allowing an attacker to set admin cookies via JavaScript to bypass authentication.

Description

Pre Shopping Mall allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".

Exploits (2)

exploitdb WRITEUP VERIFIED
by G4N0K · textwebappsphp
https://www.exploit-db.com/exploits/6998

This exploit demonstrates an insecure cookie handling vulnerability in PRE SHOPPING MALL, allowing an attacker to set admin cookies via JavaScript to bypass authentication.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: PRE SHOPPING MALL (version not specified)
No auth needed
Prerequisites: Access to the target's admin login page · Ability to execute JavaScript in the victim's browser
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by G4N0K · textwebappsphp
https://www.exploit-db.com/exploits/7000

This is a writeup describing an insecure cookie handling vulnerability in Pre Classified Listings PHP. It demonstrates how an attacker can set admin cookies via JavaScript to bypass authentication.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Pre Classified Listings PHP
No auth needed
Prerequisites: Access to the target's admin panel URL
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/3017
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/6998
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/48984
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32557

Scores

EPSS 0.0286
EPSS Percentile 84.9%

Details

CWE
CWE-255
Status published
Products (1)
preprojects/pre_shopping_mall
Published Feb 20, 2009
Tracked Since Feb 18, 2026