AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2008-7024: admin.php in Arz Development The Gemini Portal 4.7 and earlier allows remote attackers to bypass authentication and gain

infovulnerability

security

Source: NVD/CVE DatabaseAugust 21, 2009CVE-2008-7024

Summary

CVE-2008-7024 is a critical authentication bypass vulnerability in Arz Development The Gemini Portal version 4.7 and earlier. An attacker can gain administrator privileges by manipulating cookies (small files that store user information) and parameters, specifically by setting the user cookie to "admin" and the name parameter to "users." This allows unauthorized access to admin functions without needing a valid password.

Vulnerability Details

CVSS Score

6.8

EPSS (30-day exploit probability)

EPSS: 2.6%

Classification

Attack SophisticationTrivial

Taxonomy References

CWE (Weakness Type)

CWE-264

Original source: https://nvd.nist.gov/vuln/detail/CVE-2008-7024

First tracked: February 15, 2026 at 08:51 PM

Classified by LLM (prompt v3) · confidence: 95%