Lucene search

[email protected]CVE-2008-2282

HistoryMay 18, 2008 - 2:20 p.m.

CVE-2008-2282

2008-05-1814:20:00

CWE-287

[email protected]

web.nvd.nist.gov

cve-2008-2282

internet photoshow

authentication bypass

remote attack

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.021 Low

EPSS

Percentile

89.1%

JSON

admin.php in Internet Photoshow and Internet Photoshow Special Edition (SE) allows remote attackers to bypass authentication by setting the login_admin cookie to true.

CPENameOperatorVersion
thomas_voecking:internet_photoshowthomas voecking internet photoshoweqnull

CPE	Name	Operator	Version
thomas_voecking:internet_photoshow	thomas voecking internet photoshow	eq	null

References

www.securityfocus.com/bid/29227

exchange.xforce.ibmcloud.com/vulnerabilities/42422

www.exploit-db.com/exploits/5617

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.021 Low

EPSS

Percentile

89.1%

JSON

Related for CVE-2008-2282

prion1 cvelist1