Lucene search

[email protected]CVE-2007-3591

HistoryJul 06, 2007 - 6:30 p.m.

CVE-2007-3591

2007-07-0618:30:00

[email protected]

web.nvd.nist.gov

cve-2007-3591

elite bulletin board

profile.php

remote attackers

unauthorized modification

security vulnerability

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.4 Medium

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.3%

JSON

Unspecified vulnerability in Profile.php in Elite Bulletin Board before 1.0.10 allows remote attackers to modify profile information via unspecified vectors related to “a remote form,” probably related to direct requests and missing authorization checks.

Affected configurations

NVD

Node

elite_bulletin_boardelite_bulletin_boardMatch1.0.8

elite_bulletin_boardelite_bulletin_boardMatch1.0.9

CPENameOperatorVersion
elite_bulletin_board:elite_bulletin_boardelite bulletin boardeq1.0.8
elite_bulletin_board:elite_bulletin_boardelite bulletin boardeq1.0.9

CPE	Name	Operator	Version
elite_bulletin_board:elite_bulletin_board	elite bulletin board	eq	1.0.8
elite_bulletin_board:elite_bulletin_board	elite bulletin board	eq	1.0.9

References

osvdb.org/37819

secunia.com/advisories/25926

sourceforge.net/project/shownotes.php?release_id=520558&group_id=175118

www.securityfocus.com/bid/24763

exchange.xforce.ibmcloud.com/vulnerabilities/35261

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.4 Medium

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.3%

JSON

Related for CVE-2007-3591

nvd1 prion1 cvelist1