← CVECheck
HomeVulnerabilities

CVE-2004-1847 — HIGH severity vulnerability (News Manager Lite 2.5 allows remote attackers to bypass auth)

News Manager Lite 2.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMIN parameter in the NEWS_LOGIN cookie.

CVE IDCVE-2004-1847
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2004-03-20
Last modified2026-04-16
DescriptionNews Manager Lite 2.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMIN parameter in the NEWS_LOGIN cookie.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →