CVE-2005-1404

Опубликовано: 03 мая 2005

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

MyPHP Forum 1.0 allows remote attackers to spoof the username by modifying the (1) nbuser parameter to post.php or (2) sender parameter to privmsg.php.

Ссылки

http://secunia.com/advisories/15166
Vendor Advisory
http://www.osvdb.org/15902
Exploit
Patch
Vendor Advisory
http://www.osvdb.org/15903
Exploit
Vendor Advisory
http://www.securityfocus.com/bid/13429
http://www.securityfocus.com/bid/13430
http://www.securityfocus.org/archive/1/397025
Exploit
Patch
Vendor Advisory
http://secunia.com/advisories/15166
Vendor Advisory
http://www.osvdb.org/15902
Exploit
Patch
Vendor Advisory
http://www.osvdb.org/15903
Exploit
Vendor Advisory
http://www.securityfocus.com/bid/13429
http://www.securityfocus.com/bid/13430
http://www.securityfocus.org/archive/1/397025
Exploit
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:myphp_forum:myphp_forum:1.0:*:*:*:*:*:*:*

cpe:2.3:a:myphp_forum:myphp_forum:2.0:*:*:*:*:*:*:*

cpe:2.3:a:myphp_forum:myphp_forum:3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 76%

0.00985

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-pq86-qv99-3c5r

github

почти 4 года назад