CVE-2009-3966

Arcade Trade Script 1.0 - Auth Bypass

Title source: llm
STIX 2.1

Description

Arcade Trade Script 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the adminLoggedIn cookie to true.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Mr.tro0oqy · textwebappsphp
https://www.exploit-db.com/exploits/9482

References (2)

Core 2
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/9482
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/36448

Scores

EPSS 0.0088
EPSS Percentile 75.5%

Details

CWE
CWE-287
Status published
Products (1)
arcadetradescript/arcade_trade_script 1.0
Published Nov 18, 2009
Tracked Since Feb 18, 2026