Lucene search

K
cve[email protected]CVE-2008-4146
HistorySep 24, 2008 - 5:41 a.m.

CVE-2008-4146

2008-09-2405:41:38
CWE-287
web.nvd.nist.gov
17
cve-2008-4146
addalink
remote attackers
web-site additions
visit-counter
nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.7 Medium

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

87.1%

Addalink 1.0 beta 4 and earlier allows remote attackers to (1) approve web-site additions via a modified approved field and (2) change the visit-counter value via a modified counter field.

Affected configurations

NVD
Node
addalinkaddalinkRange1.0beta4
CPENameOperatorVersion
addalink:addalinkaddalinkle1.0

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.7 Medium

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

87.1%

Related for CVE-2008-4146