Improper Cookie Authentication in AjaXplorer 3.2.x and 4.0.x

Improper Cookie Authentication in AjaXplorer 3.2.x and 4.0.x

CVE-2012-1840 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

AjaXplorer 3.2.x before 3.2.5 and 4.0.x before 4.0.4 does not properly perform cookie authentication, which allows remote attackers to obtain login access by leveraging knowledge of a password hash.

Learn more about our Web Application Penetration Testing UK.