We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Assigner | mitre |
Reserved | 2003-07-17 |
Published | 2016-10-17 |
Updated | 2024-08-08 |
admin.php in Digi-ads 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password.
http://marc.info/?l=bugtraq&m=105839007002993&w=2 (20030716 Digi-news and Digi-ads version 1.1 admin access without password)