CVE-2008-6799

FlashChat 5.0.8 - Unauthenticated Privilege Escalation via Role Filter Bypass

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-6799. PoCs published by eLiSiA.

AI-analyzed exploit summary This exploit leverages a security-bypass vulnerability in FlashChat by manipulating the 'sendAndLoad' parameter to gain unauthorized administrative access. The provided URL-encoded payload bypasses authentication restrictions.

Description

connection.php in FlashChat 5.0.8 allows remote attackers to bypass the role filter mechanism and gain administrative privileges by setting the s parameter to "7."

Exploits (1)

exploitdb WORKING POC VERIFIED

by eLiSiA · textwebappsphp

https://www.exploit-db.com/exploits/32494

View Code ZIP pw:eip

This exploit leverages a security-bypass vulnerability in FlashChat by manipulating the 'sendAndLoad' parameter to gain unauthorized administrative access. The provided URL-encoded payload bypasses authentication restrictions.

Classification

Working Poc 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: FlashChat (version not specified)

No auth needed

Prerequisites: Access to the vulnerable FlashChat application

MITRE ATT&CK