VULHUB ™

PhpAuction is reported prone to an authentication bypass vulnerability. It is reported that this vulnerability exists due to a weak design of the system used to control access to the PhpAuction administrative interface. By simply editing a session cookie value an attacker may bypass the PhpAuction authentication system and gain access to the administrative interface.

PhpAuction is reported prone to an authentication bypass vulnerability. It is reported that this vulnerability exists due to a weak design of the system used to control access to the PhpAuction administrative interface. By simply editing a session cookie value an attacker may bypass the PhpAuction authentication system and gain access to the administrative interface.