CVE-2008-2297 Information

Description

The admin.php file in Rantx allows remote attackers to bypass authentication and gain privileges by setting the logininfo cookie to ?php\ or ?\ which is present in the password file and probably passes an insufficient comparison.

Reference

http://secunia.com/advisories/30279 http://www.securityfocus.com/bid/29243 https://exchange.xforce.ibmcloud.com/vulnerabilities/42464 https://www.exploit-db.com/exploits/5628