exploitDog

CVE-2005-2252

Опубликовано: 13 июл. 2005

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

PhpAuction 2.5 allows remote attackers to bypass authentication and gain privileges as another user by setting the PHPAUCTION_RM_ID cookie to the user ID.

Ссылки

http://secunia.com/advisories/15967
http://securitytracker.com/id?1014423
Vendor Advisory
http://secunia.com/advisories/15967
http://securitytracker.com/id?1014423
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gianluca_baldo:phpauction:2.5:*:*:*:*:*:*:*

EPSS

Процентиль: 68%

0.00572

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-wqvh-rrpc-fpj4

github

почти 4 года назад

PhpAuction 2.5 allows remote attackers to bypass authentication and gain privileges as another user by setting the PHPAUCTION_RM_ID cookie to the user ID.

EPSS

Процентиль: 68%

0.00572

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other