Lucene search

[email protected]CVE-2006-1276

HistoryMar 19, 2006 - 11:06 a.m.

CVE-2006-1276

2006-03-1911:06:00

[email protected]

web.nvd.nist.gov

cve-2006-1276

php

simplenews

authentication bypass

security vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.038 Low

EPSS

Percentile

91.9%

JSON

admin.php in Himpfen Consulting Company PHP SimpleNEWS 1.0.0 allows remote attackers to bypass authentication by setting the admin parameter in a cookie.

Affected configurations

NVD

Node

himpfen_consultingphp_simplenewsRange≤1.0.0

CPENameOperatorVersion
himpfen_consulting:php_simplenewshimpfen consulting php simplenewsle1.0.0

CPE	Name	Operator	Version
himpfen_consulting:php_simplenews	himpfen consulting php simplenews	le	1.0.0

References

evuln.com/vulns/94/summary.html

secunia.com/advisories/19195

securityreason.com/securityalert/613

www.osvdb.org/23803

www.securityfocus.com/archive/1/428427

www.securityfocus.com/bid/17186

www.vupen.com/english/advisories/2006/0913

exchange.xforce.ibmcloud.com/vulnerabilities/25177

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.038 Low

EPSS

Percentile

91.9%

JSON

Related for CVE-2006-1276

nvd1 cvelist1 prion1