Lucene search

K
cve[email protected]CVE-2008-6665
HistoryApr 08, 2009 - 10:30 a.m.

CVE-2008-6665

2009-04-0810:30:00
CWE-94
web.nvd.nist.gov
19
cve-2008-6665
ananta cms
change.php
code injection
vulnerability
nvd

7.6 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.8%

change.php in Ananta CMS 1.0b5, with magic_quotes_gpc disabled, allows remote attackers to gain administrator privileges via a crafted email parameter, possibly related to code injection.

Affected configurations

NVD
Node
anantasoftananta_cmsMatch1.0b5

7.6 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.8%

Related for CVE-2008-6665