CVE-2008-6919

Taskdriver < 1.3 - Authentication Bypass

Title source: rule

Description

profileedit.php TaskDriver 1.3 and earlier allows remote attackers to bypass authentication and gain administrative access by setting the auth cookie to "fook!admin."

Exploits (1)

exploitdb WORKING POC VERIFIED

by cOndemned · phpwebappsphp

https://www.exploit-db.com/exploits/7605

View Code ZIP pw:eip

References (4)

[Vendor Advisory] http://secunia.com/advisories/25221

[Exploit] http://www.securityfocus.com/bid/33030

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/47608

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/7605

Scores

EPSS 0.0166

EPSS Percentile 81.9%

Classification

CWE

CWE-287

Status draft

Affected Products (2)

taskdriver/taskdriver < 1.3

taskdriver/taskdriver

Timeline

Published Aug 10, 2009

Tracked Since Feb 18, 2026