News Manager Lite 2.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMIN parameter in the NEWS_LOGIN cookie.
Affected Software
Name |
Vendor |
Start Version |
End Version |
News_manager_lite |
Expinion.net |
2.5 (including) |
2.5 (including) |
References