Lucene search

[email protected]CVE-2007-2715

HistoryMay 16, 2007 - 10:19 a.m.

CVE-2007-2715

2007-05-1610:19:00

[email protected]

web.nvd.nist.gov

snaps! gallery

cve-2007-2715

security vulnerability

remote attack

user credentials

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

High

0.054 Low

EPSS

Percentile

93.2%

JSON

Admin/users.php in Snaps! Gallery 1.4.4 allows remote attackers to change arbitrary usernames and passwords via the (1) username, or the (2) password and password2 parameters in an edit action.

Affected configurations

NVD

Node

snaps_gallerysnaps_galleryMatch1.4.4

CPENameOperatorVersion
snaps_gallery:snaps_gallerysnaps galleryeq1.4.4

CPE	Name	Operator	Version
snaps_gallery:snaps_gallery	snaps gallery	eq	1.4.4

References

0day.2600.ir/exploits/3900

www.securityfocus.com/bid/23940

www.vupen.com/english/advisories/2007/1781

exchange.xforce.ibmcloud.com/vulnerabilities/34300

www.exploit-db.com/exploits/3900

Social References

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

High

0.054 Low

EPSS

Percentile

93.2%

JSON

Related for CVE-2007-2715

prion1 cvelist1 nvd1