CVE-2008-6302

TurnkeyForms Local Classifieds - Unauthenticated Authentication Bypass via Direct Admin Page Access

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-6302. PoCs published by G4N0K.

AI-analyzed exploit summary This is a writeup describing an authentication bypass vulnerability in Turnkeyforms Local Classifieds. It provides URLs for exploitation but lacks actual exploit code or technical details.

Description

TurnkeyForms Local Classifieds allows remote attackers to bypass authentication and gain administrative access via a direct request to Site_Admin/admin.php.

Exploits (1)

exploitdb WRITEUP VERIFIED
by G4N0K · textwebappsphp
https://www.exploit-db.com/exploits/7106

This is a writeup describing an authentication bypass vulnerability in Turnkeyforms Local Classifieds. It provides URLs for exploitation but lacks actual exploit code or technical details.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target: Turnkeyforms Local Classifieds
No auth needed
Prerequisites: Access to the admin.php URL
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32591
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/3142
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/46589
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/7106

Scores

EPSS 0.0257
EPSS Percentile 83.1%

Details

CWE
CWE-264
Status published
Products (1)
turnkeyforms/local_classifieds
Published Feb 26, 2009
Tracked Since Feb 18, 2026