Page 3 of 21 results (0.023 seconds)
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 2
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 2CVE-2010-1097
https://notcve.org/view.php?id=CVE-2010-1097
24 Mar 2010 — include/userlogin.class.php in DeDeCMS 5.5 GBK, when session.auto_start is enabled, allows remote attackers to bypass authentication and gain administrative access via a value of 1 for the _SESSION[dede_admin_id] parameter, as demonstrated by a request to uploads/include/dialog/select_soft_post.php. include/userlogin.class.php en DeDeCMS v5.5 GBK, cuando session.auto_start está activado, permite a atacantes remotos evitar la autenticación y obtener acceso como administrador mediante un valor de 1 para el pa... • http://bbs.wolvez.org/topic/125 • CWE-287: Improper Authentication •