CVE-2007-3704

Опубликовано: 11 июл. 2007

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Entertainment CMS allows remote attackers to bypass authentication and perform certain administrative actions by setting the adminLogged cookie to "Administrator."

Ссылки

http://osvdb.org/37908
http://secunia.com/advisories/26016
http://securityreason.com/securityalert/2878
http://www.securityfocus.com/archive/1/473282/100/0/threaded
http://www.securityfocus.com/bid/24847
https://exchange.xforce.ibmcloud.com/vulnerabilities/35330
http://osvdb.org/37908
http://secunia.com/advisories/26016
http://securityreason.com/securityalert/2878
http://www.securityfocus.com/archive/1/473282/100/0/threaded
http://www.securityfocus.com/bid/24847
https://exchange.xforce.ibmcloud.com/vulnerabilities/35330

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:entertainment_cms:entertainment_cms:*:*:*:*:*:*:*:*

EPSS

Процентиль: 75%

0.00904

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-9wp9-mvvj-c449

github

почти 4 года назад