Описание
pm.php (aka the PM system) in DeluxeBB 1.08, and possibly earlier, allows remote attackers to bypass authentication by providing an arbitrary username in the membercookie cookie parameter.
pm.php (aka the PM system) in DeluxeBB 1.08, and possibly earlier, allows remote attackers to bypass authentication by providing an arbitrary username in the membercookie cookie parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-4078
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28270
- http://secunia.com/advisories/21387
- http://securityreason.com/securityalert/1381
- http://www.osvdb.org/27834
- http://www.securityfocus.com/archive/1/442464/100/0/threaded
- http://www.securityfocus.com/bid/19418
- http://www.vupen.com/english/advisories/2006/3188
EPSS
Процентиль: 76%
0.00978
Низкий
CVE ID
Связанные уязвимости
nvd
больше 19 лет назад
pm.php (aka the PM system) in DeluxeBB 1.08, and possibly earlier, allows remote attackers to bypass authentication by providing an arbitrary username in the membercookie cookie parameter.
EPSS
Процентиль: 76%
0.00978
Низкий