Lucene search

[email protected]CVE-2008-3319

HistoryJul 25, 2008 - 4:41 p.m.

CVE-2008-3319

2008-07-2516:41:00

CWE-287

[email protected]

web.nvd.nist.gov

cve-2008-3319

remote attackers

authentication bypass

gain administrative access

maian links 3.1

security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

Low

0.067 Low

EPSS

Percentile

93.9%

JSON

admin/index.php in Maian Links 3.1 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary links_cookie cookie.

Affected configurations

NVD

Node

maianlinksRange≤3.1

CPENameOperatorVersion
maian:linksmaian linksle3.1

CPE	Name	Operator	Version
maian:links	maian links	le	3.1

References

secunia.com/advisories/31068

www.maianscriptworld.co.uk/free-php-scripts/maian-links/development/index.html

www.maianscriptworld.co.uk/news.html

www.securityfocus.com/bid/30205

exchange.xforce.ibmcloud.com/vulnerabilities/43749

www.exploit-db.com/exploits/6062

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

Low

0.067 Low

EPSS

Percentile

93.9%

JSON

Related for CVE-2008-3319

prion1 cvelist1 nvd1 nessus1