Lucene search

[email protected]CVE-2008-6723

HistoryApr 14, 2009 - 4:26 p.m.

CVE-2008-6723

2009-04-1416:26:56

CWE-287

[email protected]

web.nvd.nist.gov

cve-2008-6723

turnkeyforms entertainment portal

authentication bypass

remote attack

administrative access

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.05 Low

EPSS

Percentile

92.9%

JSON

TurnkeyForms Entertainment Portal 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the adminLogged cookie to Administrator.

Affected configurations

NVD

Node

turnkeyformsentertainment_portalMatch2.0

CPENameOperatorVersion
turnkeyforms:entertainment_portalturnkeyforms entertainment portaleq2.0

CPE	Name	Operator	Version
turnkeyforms:entertainment_portal	turnkeyforms entertainment portal	eq	2.0

References

osvdb.org/49749

secunia.com/advisories/32535

www.securityfocus.com/bid/32174

exchange.xforce.ibmcloud.com/vulnerabilities/46422

www.exploit-db.com/exploits/7028

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.05 Low

EPSS

Percentile

92.9%

JSON

Related for CVE-2008-6723

nvd1 cvelist1 prion1