VYPR
← All advisories
Unrated severityNVD Advisory· Published May 2, 2005· Updated Apr 16, 2026

CVE-2005-1288

CVE-2005-1288

Description

inc_login_check.asp ACS Blog 0.8 through 1.1.3 allows remote attackers to gain administrator privileges via the "in" value in a cookie.

Affected products

10
  • Asp Press/Acs Blog10 versions
    cpe:2.3:a:asp_press:acs_blog:0.8:*:*:*:*:*:*:*+ 9 more
    • cpe:2.3:a:asp_press:acs_blog:0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:asp_press:acs_blog:0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:asp_press:acs_blog:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:asp_press:acs_blog:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:asp_press:acs_blog:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:asp_press:acs_blog:1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:asp_press:acs_blog:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:asp_press:acs_blog:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:asp_press:acs_blog:1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:asp_press:acs_blog:1.1b:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.