CVE-2007-2081

Опубликовано: 18 апр. 2007

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

MyBlog 0.9.8 and earlier allows remote attackers to bypass authentication requirements via the admin cookie parameter to certain admin files, as demonstrated by admin/settings.php.

Ссылки

http://osvdb.org/41593
http://securityreason.com/securityalert/2581
http://www.securityfocus.com/archive/1/465873/100/0/threaded
http://www.securityfocus.com/bid/23521
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/34025
http://osvdb.org/41593
http://securityreason.com/securityalert/2581
http://www.securityfocus.com/archive/1/465873/100/0/threaded
http://www.securityfocus.com/bid/23521
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/34025

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:myblog:myblog:*:*:*:*:*:*:*:*

Версия до 0.9.8 (включая)

EPSS

Процентиль: 92%

0.0744

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-gw3f-6rqc-fm2w

github

почти 4 года назад