CVE-2008-6723

Turnkeyforms Entertainment Portal - Authentication Bypass

Title source: rule

Description

TurnkeyForms Entertainment Portal 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the adminLogged cookie to Administrator.

Exploits (1)

exploitdb WORKING POC VERIFIED

by G4N0K · textwebappsphp

https://www.exploit-db.com/exploits/7028

View Code ZIP pw:eip

References (5)

[Exploit] http://osvdb.org/49749

[Vendor Advisory] http://secunia.com/advisories/32535

[Exploit] http://www.securityfocus.com/bid/32174

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/46422

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/7028

Scores

EPSS 0.0194

EPSS Percentile 83.2%

Classification

CWE

CWE-287

Status draft

Affected Products (1)

turnkeyforms/entertainment_portal

Timeline

Published Apr 14, 2009

Tracked Since Feb 18, 2026