CyberSec.Space Logo
返回 CVE 浏览器

CVE-2009-4927

HIGH
7.5
CVSS Severity Score
EPSS Score0.1870%
EPSS Percentile30.30th
Published2010年7月12日
Last Modified2026年4月29日

Vulnerability Description

WB News 2.1.2 allows remote attackers to bypass authentication and gain administrative access via a modified WBNEWS cookie, as demonstrated by setting this cookie to 1.

Affected Platforms (CPE)

📦
Webmobo

Wbnews

= 2.1.2

References & Advisories

🔗 http://secunia.com/advisories/34822
🔗 http://www.exploit-db.com/exploits/8492
🔗 http://www.securityfocus.com/bid/34609
🔗 http://secunia.com/advisories/34822
🔗 http://www.exploit-db.com/exploits/8492
🔗 http://www.securityfocus.com/bid/34609

相关漏洞威胁

CVE-2006-02415.0

Cross-site scripting vulnerability in WBNews 1.1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via ...

CVE-2009-303210.0

Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Syman...

CVE-2009-324510.0

OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/...

CVE-2009-109510.0

Integer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6...