Lucene search
MitreCVE-2003-1245HistoryNov 16, 2005 - 7:37 a.m.
CVE-2003-1245
2005-11-1607:37:00
mitre
web.nvd.nist.gov
29
cve-2003-1245
mambo 4.0.12
administrator access
session_id
remote attackers
url request
nvd
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.9
Confidence
Low
EPSS
0.061
Percentile
93.6%
index2.php in Mambo 4.0.12 allows remote attackers to gain administrator access via a URL request where session_id is set to the MD5 hash of a session cookie.
Affected configurations
Node
mambomambo_site_serverMatch4.0.12_rc2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mambo | mambo_site_server | 4.0.12_rc2 | cpe:2.3:a:mambo:mambo_site_server:4.0.12_rc2:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2003-1245
2005-11-16 07:37:00
exploitdb
exploitdb
Mambo Site Server 4.0.12 RC2 - Cookie Validation
2003-02-24 00:00:00
nessus
nessus
Mambo Site Server MD5 Hash Session ID Privilege Escalation
2003-03-12 00:00:00
nvd
nvd
CVE-2003-1245
2003-12-31 05:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.9
Confidence
Low
EPSS
0.061
Percentile
93.6%
Related for CVE-2003-1245