CVE-2014-4170

Опубликовано: 13 фев. 2020

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Средний

Описание

A Privilege Escalation Vulnerability exists in Free Reprintables ArticleFR 11.06.2014 due to insufficient access restrictions in the data.php script, which could let a remote malicious user obtain access or modify or delete database information.

Ссылки

http://packetstormsecurity.com/files/127701/Free-Reprintables-ArticleFR-11.06.2014-Improper-Access-Control.html
Third Party Advisory
VDB Entry
http://www.exploit-db.com/exploits/34245
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/95051
Third Party Advisory
VDB Entry
https://www.securityfocus.com/bid/68980
Third Party Advisory
VDB Entry
http://packetstormsecurity.com/files/127701/Free-Reprintables-ArticleFR-11.06.2014-Improper-Access-Control.html
Third Party Advisory
VDB Entry
http://www.exploit-db.com/exploits/34245
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/95051
Third Party Advisory
VDB Entry
https://www.securityfocus.com/bid/68980
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:freereprintables:articlefr:*:*:*:*:*:*:*:*

Версия до 3.0.4 (включая)

EPSS

Процентиль: 98%

0.47767

Средний

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-269

Связанные уязвимости

GHSA-37g3-5cwf-286g

github

больше 3 лет назад