Summary
The remote Allegro RomPager service is vulnerable to the `Misfortune Cookie` Vulnerability
Solution
Ask the vendor for an update
Affected
RomPager services with versions before 4.34
Detection
Send a HTTP GET request with a special crafted cookie and check the response
References
Severity
Classification
-
CVE CVE-2014-9222 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Apache Struts2 'URL' & 'Anchor' tags Arbitrary Java Method Execution Vulnerabilities
- Avenger's News System Command Execution
- Atutor AContent Multiple SQL Injection and XSS Vulnerabilities
- ArticleFR CMS 'id' Parameter SQL Injection Vulnerability
- Apache Axis2 Document Type Declaration Processing Security Vulnerability