Lucene search
MitreCVE-2007-0049HistoryJan 04, 2007 - 11:28 a.m.
CVE-2007-0049
2007-01-0411:28:00
mitre
web.nvd.nist.gov
24
geckovich
tasktracker pro
cve-2007-0049
security vulnerability
admin account
remote attack
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.032
Percentile
91.2%
Geckovich TaskTracker Pro 1.5 and earlier allows remote attackers to add administrative or other accounts via an Add action with a modified GroupID in a direct request to Customize.asp.
Affected configurations
Node
geckovichtasktrackerMatch1.4
ORgeckovichtasktracker_proRange≤1.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| geckovich | tasktracker | 1.4 | cpe:2.3:a:geckovich:tasktracker:1.4:*:*:*:*:*:*:* |
| geckovich | tasktracker_pro | * | cpe:2.3:a:geckovich:tasktracker_pro:*:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2007-01-04 11:28:00
cvelist
cvelist
CVE-2007-0049
2007-01-04 11:00:00
nvd
nvd
CVE-2007-0049
2007-01-04 11:28:00
exploitdb
exploitdb
TaskTracker 1.5 - 'Customize.asp' Remote Add Administrator
2007-01-01 00:00:00
securityvulns
securityvulns
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.032
Percentile
91.2%
Related for CVE-2007-0049