Authentication Bypass in AJ Square AJ Auction and Pro Platinum Skins
CVE-2008-6965
Currently unrated
What is CVE-2008-6965?
The AJ Square AJ Auction and Pro Platinum Skins have a vulnerability that enables remote attackers to bypass authentication mechanisms. Direct access to specific scripts such as site.php, auction.php, and several others within the admin directory can lead to unauthorized actions on behalf of users. This flaw occurs because redirect commands are issued without proper termination, allowing attackers to leverage direct requests to compromise the system's integrity.
