CVE-2002-0588

Опубликовано: 18 июн. 2002

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

PVote before 1.9 does not authenticate users for restricted operations, which allows remote attackers to add or delete polls by modifying parameters to (1) add.php or (2) del.php.

Ссылки

http://online.securityfocus.com/archive/1/268231
Exploit
Vendor Advisory
http://orbit-net.net:8001/php/pvote/
Vendor Advisory
http://www.iss.net/security_center/static/8877.php
Patch
Vendor Advisory
http://www.securityfocus.com/bid/4540
Exploit
Patch
Vendor Advisory
http://online.securityfocus.com/archive/1/268231
Exploit
Vendor Advisory
http://orbit-net.net:8001/php/pvote/
Vendor Advisory
http://www.iss.net/security_center/static/8877.php
Patch
Vendor Advisory
http://www.securityfocus.com/bid/4540
Exploit
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:steve_korbett:pvote:1.0:*:*:*:*:*:*:*

cpe:2.3:a:steve_korbett:pvote:1.0a:*:*:*:*:*:*:*

cpe:2.3:a:steve_korbett:pvote:1.0b:*:*:*:*:*:*:*

cpe:2.3:a:steve_korbett:pvote:1.5:*:*:*:*:*:*:*

EPSS

Процентиль: 89%

0.05053

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-25vh-8m4m-9m4f

github

больше 3 лет назад