CVE-2006-7074 Information

Description

admin.php in SmartSiteCMS 1.0 allows remote attackers to bypass authentication and gain administrator privileges by setting the userName cookie.

Reference

http://marc.info/?l=full-disclosure&m=115510147417471&w=2 http://secunia.com/advisories/20769 http://www.securityfocus.com/bid/19434 https://exchange.xforce.ibmcloud.com/vulnerabilities/28299