Unrated severityNVD Advisory· Published Jun 3, 2008· Updated Jun 16, 2026
CVE-2008-2524
CVE-2008-2524
Description
BlogPHP 2.0 allows remote attackers to bypass authentication, and post (1) messages or (2) comments as an arbitrary user, via a modified blogphp_username field in a cookie.
Affected products
2Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.