CVE-2008-7156
EkinBoard <1.1.0 - Auth Bypass
Title source: llmDescription
EkinBoard 1.1.0 and earlier, when register_globals is enabled, allows remote attackers to bypass authorization and gain administrator privileges by setting the _groups[] parameter to 2, as demonstrated via backup.php.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Eugene Minaev · textwebappsphp
https://www.exploit-db.com/exploits/4859
Scores
EPSS
0.0093
EPSS Percentile
75.8%
Classification
CWE
CWE-287
Status
draft
Affected Products (1)
ekinboard/ekinboard
< 1.1.0
Timeline
Published
Sep 02, 2009
Tracked Since
Feb 18, 2026