Lucene search

[email protected]CVE-2004-0031

HistorySep 01, 2004 - 4:00 a.m.

CVE-2004-0031

2004-09-0104:00:00

[email protected]

web.nvd.nist.gov

phpgedview

2.61

remote attackers

reinstall

software

change

administrator password

http request

vulnerability

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.3%

JSON

PHPGEDVIEW 2.61 allows remote attackers to reinstall the software and change the administrator password via a direct HTTP request to editconfig.php.

Affected configurations

NVD

Node

phpgedviewphpgedviewMatch2.61

CPENameOperatorVersion
phpgedview:phpgedviewphpgedvieweq2.61

CPE	Name	Operator	Version
phpgedview:phpgedview	phpgedview	eq	2.61

References

marc.info/?l=bugtraq&m=107340840209453&w=2

secunia.com/advisories/10565

www.osvdb.org/3403

exchange.xforce.ibmcloud.com/vulnerabilities/14161

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.3%

JSON

Related for CVE-2004-0031

nvd1 cvelist1