Lucene search

[email protected]CVE-2007-5575

HistoryOct 18, 2007 - 9:17 p.m.

CVE-2007-5575

2007-10-1821:17:00

CWE-352

[email protected]

web.nvd.nist.gov

cve-2007-5575

csrf

vulnerability

1024 cms 1.2.5

remote attackers

administrators

php code

forum component

nvd

7.8 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

35.0%

JSON

Cross-site request forgery (CSRF) vulnerability in 1024 CMS 1.2.5 allows remote attackers to perform some actions as administrators, as demonstrated by (1) an unspecified action that creates a file containing PHP code and (2) unspecified use of the forum component. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CPENameOperatorVersion
treble_designs:1024_cmstreble designs 1024 cmseq1.2.5

CPE	Name	Operator	Version
treble_designs:1024_cms	treble designs 1024 cms	eq	1.2.5

References

secunia.com/advisories/27259

exchange.xforce.ibmcloud.com/vulnerabilities/37267

7.8 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

35.0%

JSON

Related for CVE-2007-5575

cvelist1 prion1