Lucene search
MitreCVE-2008-2343HistoryMay 19, 2008 - 1:20 p.m.
CVE-2008-2343
2008-05-1913:20:00
CWE-264
mitre
web.nvd.nist.gov
24
cve-2008-2343
news manager 2.0
remote attackers
bypass restrictions
sensitive information
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.3
Confidence
Low
EPSS
0.005
Percentile
75.4%
News Manager 2.0 allows remote attackers to bypass restrictions and obtain sensitive information via a direct request to (1) db/connect_str.php and (2) login/info.php.
Affected configurations
Node
news_managernews_managerMatch2.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| news_manager | news_manager | 2.0 | cpe:2.3:a:news_manager:news_manager:2.0:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2008-05-19 13:20:00
cvelist
cvelist
CVE-2008-2343
2008-05-19 10:00:00
nvd
nvd
CVE-2008-2343
2008-05-19 13:20:00
exploitdb
exploitdb
newsmanager 2.0 - Remote File Inclusion / File Disclosure / SQL Injection
2008-05-15 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.3
Confidence
Low
EPSS
0.005
Percentile
75.4%
Related for CVE-2008-2343