CVE-2009-4927

Severity CVSS v4.0:
Pending analysis
Type:
CWE-287 Authentication Issues
Publication date:
12/07/2010
Last modified:
21/11/2024

Description

WB News 2.1.2 allows remote attackers to bypass authentication and gain administrative access via a modified WBNEWS cookie, as demonstrated by setting this cookie to 1.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:webmobo:wbnews:2.1.2:*:*:*:*:*:*:*