CVE-2009-4091

Опубликовано: 29 нояб. 2009

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

comments.php in Simplog 0.9.3.2, and possibly earlier, does not properly restrict access, which allows remote attackers to edit or delete comments via the (1) edit or (2) del action.

Ссылки

http://secunia.com/advisories/21390
Vendor Advisory
http://www.exploit-db.com/exploits/10180
http://www.securityfocus.com/bid/37063
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/54355
http://secunia.com/advisories/21390
Vendor Advisory
http://www.exploit-db.com/exploits/10180
http://www.securityfocus.com/bid/37063
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/54355

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:simplog:simplog:0.9.3.2:*:*:*:*:*:*:*

EPSS

Процентиль: 87%

0.03273

Низкий

5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-8wrv-rqg2-m3fr

github

почти 4 года назад