CVE-2009-1618 Information

Description

Teraway LiveHelp 2.0 allows remote attackers to bypass authentication and gain administrative access via a pwd=&lvl=1&usr=&alias=admin&userid=1 value for the TWLHadmin cookie.

Reference

http://secunia.com/advisories/34802 http://www.securityfocus.com/bid/34735 https://www.exploit-db.com/exploits/8552