CVE-2007-3592

Опубликовано: 06 июл. 2007

Источник: nvd

CVSS2: 6.5

EPSS Низкий

Описание

PM.php in Elite Bulletin Board before 1.0.10 allows remote authenticated users to delete arbitrary PM messages and conduct other attacks via modified id fields.

Ссылки

http://osvdb.org/37820
http://secunia.com/advisories/25926
Vendor Advisory
http://sourceforge.net/project/shownotes.php?release_id=520558&group_id=175118
Patch
http://www.securityfocus.com/bid/24763
https://exchange.xforce.ibmcloud.com/vulnerabilities/35262
http://osvdb.org/37820
http://secunia.com/advisories/25926
Vendor Advisory
http://sourceforge.net/project/shownotes.php?release_id=520558&group_id=175118
Patch
http://www.securityfocus.com/bid/24763
https://exchange.xforce.ibmcloud.com/vulnerabilities/35262

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:elite_bulletin_board:elite_bulletin_board:*:*:*:*:*:*:*:*

EPSS

Процентиль: 69%

0.00614

Низкий

6.5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-rp99-928p-mmhv

github

почти 4 года назад