CVE-2006-2636

Severity CVSS v4.0:
Pending analysis
Type:
CWE-287 Authentication Issues
Publication date:
30/05/2006
Last modified:
03/04/2025

Description

newsadmin.asp in Katy Whitton NewsCMSLite allows remote attackers to bypass authentication and gain administrative access by setting the loggedIn cookie to "xY1zZoPQ".

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:katy_whitton:newscmslite:*:*:*:*:*:*:*:*