Lucene search

[email protected]CVE-2003-0272

HistoryMay 27, 2003 - 4:00 a.m.

CVE-2003-0272

2003-05-2704:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

miniportail

remote attackers

administrative privileges

7.2 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.009 Low

EPSS

Percentile

82.4%

JSON

admin.php in miniPortail allows remote attackers to gain administrative privileges by setting the miniPortailAdmin cookie to an “adminok” value.

CPENameOperatorVersion
miniportal:miniportalminiportaleq2.0
miniportal:miniportalminiportaleq2.1
miniportal:miniportalminiportaleq2.2
miniportal:miniportalminiportaleq1.9

CPE	Name	Operator	Version
miniportal:miniportal	miniportal	eq	2.0
miniportal:miniportal	miniportal	eq	2.1
miniportal:miniportal	miniportal	eq	2.2
miniportal:miniportal	miniportal	eq	1.9

References

marc.info/?l=bugtraq&m=105240907024660&w=2

www.frog-man.org/tutos/miniPortail.txt

7.2 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.009 Low

EPSS

Percentile

82.4%

JSON

Related for CVE-2003-0272

cvelist1 nessus1