CVE-2006-2727

Опубликовано: 01 июн. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

home/register.php in Eggblog before 3.0 allows remote attackers to change the password of administrators and possibly other users via a modified username parameter.

Ссылки

http://securityreason.com/securityalert/1005
http://www.nukedx.com/?viewdoc=36
Exploit
Vendor Advisory
http://www.securityfocus.com/archive/1/435284/100/0/threaded
http://www.securityfocus.com/archive/1/435300/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/26833
http://securityreason.com/securityalert/1005
http://www.nukedx.com/?viewdoc=36
Exploit
Vendor Advisory
http://www.securityfocus.com/archive/1/435284/100/0/threaded
http://www.securityfocus.com/archive/1/435300/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/26833

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:epic_designs:eggblog:*:*:*:*:*:*:*:*

Версия до 3.0.6 (включая)

cpe:2.3:a:epic_designs:eggblog:2.0:*:*:*:*:*:*:*

cpe:2.3:a:epic_designs:eggblog:3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 78%

0.01093

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-p86p-29mf-5fvc

github

почти 4 года назад