Host Directory PRO - Cookie Security Bypass

EDB-ID:

31676

CVE:

N/A


Platform:

PHP

Published:

2008-04-20

source: http://www.securityfocus.com/bid/28863/info

Host Directory PRO is prone to a security-bypass vulnerability because it fails to properly validate user credentials before performing certain actions.

Exploiting this issue may allow an attacker to bypass certain security restrictions and gain administrative access to the application. This will compromise the application and may aid in further attacks.

javascript:document.cookie = "adm=1 path=/;";