exploitDog

CVE-2008-6719

Опубликовано: 13 апр. 2009

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

U&M Software Event Lister (aka JustListIt) 1.0 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via a direct request to (1) start.php, (2) aktivitet.php, (3) prop_aktivitet.php, (4) kategorier.php, (5) konfig.php, (6) security.php, (7) manual.php, and possibly (8) index.php.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:uochm:justlistit:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 87%

0.03305

Низкий

7.5 High

CVSS2

Дефекты

CWE-287

Связанные уязвимости

GHSA-p8r3-cc7c-gp8c

github

больше 3 лет назад

U&M Software Event Lister (aka JustListIt) 1.0 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via a direct request to (1) start.php, (2) aktivitet.php, (3) prop_aktivitet.php, (4) kategorier.php, (5) konfig.php, (6) security.php, (7) manual.php, and possibly (8) index.php.

EPSS

Процентиль: 87%

0.03305

Низкий

7.5 High

CVSS2

Дефекты

CWE-287