CVE-2004-2715

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

edituser.php3 in PHPMyChat 0.14.5 allow remote attackers to bypass authentication and gain administrative privileges by setting the do_not_login parameter to false.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2004-06/0252.html
Exploit
http://secunia.com/advisories/11894
Vendor Advisory
http://securitytracker.com/id?1010515
http://www.osvdb.org/7149
http://www.securityfocus.com/bid/10556
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/16440
http://archives.neohapsis.com/archives/bugtraq/2004-06/0252.html
Exploit
http://secunia.com/advisories/11894
Vendor Advisory
http://securitytracker.com/id?1010515
http://www.osvdb.org/7149
http://www.securityfocus.com/bid/10556
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/16440

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:php_heaven:phpmychat:0.14.5:*:*:*:*:*:*:*

EPSS

Процентиль: 91%

0.06706

Низкий

7.5 High

CVSS2

Дефекты

CWE-287

Связанные уязвимости

GHSA-mg4c-x8gf-gw7m

github

почти 4 года назад