CVE-2006-5909

Опубликовано: 15 нояб. 2006

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

generaloptions.php in Paul Tarjan Stanford Conference And Research Forum (SCARF) before 20070227 does not require the admin privilege, which allows remote attackers to reconfigure the application or its user accounts.

Ссылки

http://secunia.com/advisories/24311
Vendor Advisory
http://sourceforge.net/project/shownotes.php?group_id=177652&release_id=489633
http://www.securityfocus.com/archive/1/450679/100/0/threaded
http://www.securityfocus.com/archive/1/460196/100/0/threaded
http://www.securityfocus.com/bid/20934
http://www.vupen.com/english/advisories/2007/0760
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/30037
https://exchange.xforce.ibmcloud.com/vulnerabilities/32700
http://secunia.com/advisories/24311
Vendor Advisory
http://sourceforge.net/project/shownotes.php?group_id=177652&release_id=489633
http://www.securityfocus.com/archive/1/450679/100/0/threaded
http://www.securityfocus.com/archive/1/460196/100/0/threaded
http://www.securityfocus.com/bid/20934
http://www.vupen.com/english/advisories/2007/0760
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/30037
https://exchange.xforce.ibmcloud.com/vulnerabilities/32700

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:paul_tarjan:stanford_conference_and_research_forum:beta:*:*:*:*:*:*:*

EPSS

Процентиль: 71%

0.00684

Низкий

5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-7x2r-3328-x46g

github

почти 4 года назад