### [CVE-2016-15002](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-15002)
![](https://img.shields.io/static/v1?label=Product&message=MONyog%20Ultimate&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=6.63%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-269%20Improper%20Privilege%20Management&color=brightgreen)

### Description

A vulnerability, which was classified as critical, was found in MONyog Ultimate 6.63. This affects an unknown part of the component Cookie Handler. The manipulation of the argument HasServerEdit/IsAdmin leads to privilege escalation. It is possible to initiate the attack remotely.

### POC

#### Reference
- https://youtu.be/KKlwi-u6wyA

#### Github
No PoCs found on GitHub currently.