Authentication Bypass in PokerMax Poker League Tournament Script by Vulnerability in Configure.php
CVE-2008-4600

Currently unrated

Key Information:

Vendor: Steve Dawson
Status: Pokermax Poker League Tournament Script
Vendor: CVE Published:; 18 October 2008

🔔 Create Steve Dawson Vulnerability Alert

What is CVE-2008-4600?

The PokerMax Poker League Tournament Script 0.13 contains a vulnerability in the configure.php file that allows remote attackers to bypass authentication mechanisms. By manipulating the ValidUserAdmin cookie, unauthorized users can gain administrative access to the system. This flaw can lead to compromise of sensitive data and operational control over the poker league functionalities. It is essential for users of the affected version to assess their security measures and apply necessary patches.

References

http://secunia.com/advisories/32312

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/45931

vdb-entryx_refsource_XF

https://www.exploit-db.com/exploits/6766

exploitx_refsource_EXPLOIT-DB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 18, 2008
Vulnerability Reserved
Oct 17, 2008