CVE-2008-7051

Ajsquare AJ Article - Authentication Bypass

Title source: rule

Description

AJ Square AJ Article allows remote attackers to bypass authentication and access administrator functionality via a direct request to (1) user.php, (2) articles.php, (3) articlesuspend.php, (4) site.php, (5) statistics.php, (6) mail.php, (7) category.php, (8) subcategory.php, (9) changepassword.php, (10) polling.php, and (11) logo.php in admin/.

Exploits (1)

exploitdb WRITEUP VERIFIED
by G4N0K · textwebappsphp
https://www.exploit-db.com/exploits/7081

References (3)

Scores

EPSS 0.0166
EPSS Percentile 81.9%

Classification

CWE
CWE-287
Status draft

Affected Products (1)

ajsquare/aj_article

Timeline

Published Aug 24, 2009
Tracked Since Feb 18, 2026