CVE-2008-3303

CVE-2008-3303 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

admin/login.php in BilboBlog 0.2.1, when register_globals is enabled, allows remote attackers to bypass authentication and obtain administrative access via a direct request that sets the login, admin_login, password, and admin_passwd parameters.

Learn more about our Web Application Penetration Testing UK.