CVE-2008-4714 Information

Description

Atomic Photo Album 1.1.0 pre4 does not properly handle the apa_cookie_login and apa_cookie_password cookies which probably allows remote attackers to bypass authentication and gain administrative access via modified cookies.

Reference

http://securityreason.com/securityalert/4497 http://www.securityfocus.com/bid/31427 https://www.exploit-db.com/exploits/6580