CVE-2008-6667

Marc Melvin A+ Php Scripts News Manag... - Authentication Bypass

Title source: rule

Description

A+ PHP Scripts News Management System (NMS) allows remote attackers to bypass authentication and gain administrator privileges by setting the mobsuser and mobspass cookies to 1.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Virangar Security · textwebappsphp

https://www.exploit-db.com/exploits/5954

View Code ZIP pw:eip

References (3)

[Exploit] http://www.securityfocus.com/bid/29977

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/43431

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/5954

Scores

EPSS 0.0117

EPSS Percentile 78.5%

Classification

CWE

CWE-287

Status draft

Affected Products (1)

marc_melvin/a\+_php_scripts_news_management_system

Timeline

Published Apr 08, 2009

Tracked Since Feb 18, 2026