Lucene search

[email protected]CVE-2007-5032

HistorySep 21, 2007 - 7:17 p.m.

CVE-2007-5032

2007-09-2119:17:00

CWE-352

[email protected]

web.nvd.nist.gov

cve

2007

5032

php-nuke

admin.php

csrf

vulnerability

cross-site request forgery

francisco burzi

7.8 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

55.3%

JSON

Cross-site request forgery (CSRF) vulnerability in admin.php in Francisco Burzi PHP-Nuke allows remote attackers to add administrative accounts via an AddAuthor action with modified add_name and add_radminsuper parameters.

CPENameOperatorVersion
francisco_burzi:php-nukefrancisco burzi php-nukele1.0
francisco_burzi:php-nukefrancisco burzi php-nukele7.4
francisco_burzi:php-nukefrancisco burzi php-nukele5.2a
francisco_burzi:php-nukefrancisco burzi php-nukele4.3
francisco_burzi:php-nukefrancisco burzi php-nukele6.7
francisco_burzi:php-nukefrancisco burzi php-nukele8.0_final
francisco_burzi:php-nukefrancisco burzi php-nukele6.0
francisco_burzi:php-nukefrancisco burzi php-nukele7.8
francisco_burzi:php-nukefrancisco burzi php-nukele5.6
francisco_burzi:php-nukefrancisco burzi php-nukele7.1

CPE	Name	Operator	Version
francisco_burzi:php-nuke	francisco burzi php-nuke	le	1.0
francisco_burzi:php-nuke	francisco burzi php-nuke	le	7.4
francisco_burzi:php-nuke	francisco burzi php-nuke	le	5.2a
francisco_burzi:php-nuke	francisco burzi php-nuke	le	4.3
francisco_burzi:php-nuke	francisco burzi php-nuke	le	6.7
francisco_burzi:php-nuke	francisco burzi php-nuke	le	8.0_final
francisco_burzi:php-nuke	francisco burzi php-nuke	le	6.0
francisco_burzi:php-nuke	francisco burzi php-nuke	le	7.8
francisco_burzi:php-nuke	francisco burzi php-nuke	le	5.6
francisco_burzi:php-nuke	francisco burzi php-nuke	le	7.1

Rows per page:

1-10 of 411

References

osvdb.org/42521

securityreason.com/securityalert/3157

www.securityfocus.com/archive/1/480107/100/0/threaded

7.8 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

55.3%

JSON

Related for CVE-2007-5032

prion1 cvelist1