exploitDog

CVE-2006-7074

Опубликовано: 02 мар. 2007

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

admin.php in SmartSiteCMS 1.0 allows remote attackers to bypass authentication and gain administrator privileges by setting the userName cookie.

Ссылки

http://marc.info/?l=full-disclosure&m=115510147417471&w=2
Third Party Advisory
http://secunia.com/advisories/20769
Vendor Advisory
http://www.securityfocus.com/bid/19434
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/28299
http://marc.info/?l=full-disclosure&m=115510147417471&w=2
Third Party Advisory
http://secunia.com/advisories/20769
Vendor Advisory
http://www.securityfocus.com/bid/19434
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/28299

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:smartsitecms:smartsitecms:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 63%

0.00457

Низкий

7.5 High

CVSS2

Дефекты

CWE-798

Связанные уязвимости

GHSA-ffgj-ppf6-45xr

github

почти 4 года назад

admin.php in SmartSiteCMS 1.0 allows remote attackers to bypass authentication and gain administrator privileges by setting the userName cookie.

EPSS

Процентиль: 63%

0.00457

Низкий

7.5 High

CVSS2

Дефекты

CWE-798