Lucene search

MitreCVE-2008-5042

HistoryNov 12, 2008 - 9:11 p.m.

CVE-2008-5042

2008-11-1221:11:06

CWE-287

mitre

web.nvd.nist.gov

zeeways

photovideotube

authentication bypass

admin home.php

security vulnerability

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.081

Percentile

94.4%

JSON

Zeeways PhotoVideoTube 1.1 and earlier allows remote attackers to bypass authentication and perform administrative tasks via a direct request to admin/home.php.

Affected configurations

Nvd

Node

zeewaysphotovideotubeRange≤1.1

VendorProductVersionCPE
zeewaysphotovideotube*cpe:2.3:a:zeeways:photovideotube:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
zeeways	photovideotube	*	cpe:2.3:a:zeeways:photovideotube::::::::

References

secunia.com/advisories/32601

securityreason.com/securityalert/4574

www.securityfocus.com/bid/32223

www.vupen.com/english/advisories/2008/3065

exchange.xforce.ibmcloud.com/vulnerabilities/46501

www.exploit-db.com/exploits/7070

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.081

Percentile

94.4%

JSON

Related for CVE-2008-5042