Security Advisory

CVE-2008-1904

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2008-04-21 23:00:00

Last updated 2024-08-07 08:40:59

Assigner mitre

State PUBLISHED

Description

Cicoandcico CcMail 1.0.1 and earlier does not verify that the this_cookie cookie corresponds to an authenticated session, which allows remote attackers to obtain access to the "admin area" via a modified this_cookie cookie.

← Browse all CVEs View on cve.org ↗