EIP-2026-112972

This exploit demonstrates an authentication bypass in vAuthenticate 3.0.1 via SQL injection through cookie manipulation. The vulnerable code in check.php directly uses cookie values without proper sanitization, allowing an attacker to bypass authentication by injecting malicious SQL syntax.