CVE-2006-0139

Опубликовано: 09 янв. 2006

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The send-private-message functionality (send-private-message.asp) in PD9 Software MegaBBS 2.1 allows remote attackers to read private messages of other users via a modified replyid parameter.

Ссылки

http://secunia.com/advisories/18342
Exploit
Patch
Vendor Advisory
http://securitytracker.com/id?1015452
http://www.hamid.ir/security/megabbs.txt
Exploit
Patch
Vendor Advisory
http://www.pd9soft.com/megabbs/forums/thread-view.asp?tid=4924
Patch
Vendor Advisory
http://www.securityfocus.com/bid/16168
Patch
http://www.vupen.com/english/advisories/2006/0095
https://exchange.xforce.ibmcloud.com/vulnerabilities/24050
http://secunia.com/advisories/18342
Exploit
Patch
Vendor Advisory
http://securitytracker.com/id?1015452
http://www.hamid.ir/security/megabbs.txt
Exploit
Patch
Vendor Advisory
http://www.pd9soft.com/megabbs/forums/thread-view.asp?tid=4924
Patch
Vendor Advisory
http://www.securityfocus.com/bid/16168
Patch
http://www.vupen.com/english/advisories/2006/0095
https://exchange.xforce.ibmcloud.com/vulnerabilities/24050

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:pd9_software:megabbs:2.0:*:*:*:*:*:*:*

cpe:2.3:a:pd9_software:megabbs:2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 76%

0.00985

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-r59m-f8p8-w8qm

github

почти 4 года назад