Lucene search

[email protected]CVE-2008-6745

HistoryApr 23, 2009 - 5:30 p.m.

CVE-2008-6745

2009-04-2317:30:01

CWE-20

[email protected]

web.nvd.nist.gov

cve-2008-6745

blogphp 2.0

remote attackers

administrator privileges

crafted email parameter

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.017 Low

EPSS

Percentile

88.0%

JSON

index.php in BlogPHP 2.0 allows remote attackers to gain administrator privileges via a crafted email parameter in a register2 action.

Affected configurations

NVD

Node

blogphpblogphpMatch2.0

CPENameOperatorVersion
blogphp:blogphpblogphpeq2.0

CPE	Name	Operator	Version
blogphp:blogphp	blogphp	eq	2.0

References

www.securityfocus.com/bid/29898

exchange.xforce.ibmcloud.com/vulnerabilities/43275

www.exploit-db.com/exploits/5909

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.017 Low

EPSS

Percentile

88.0%

JSON

Related for CVE-2008-6745

nvd1 cvelist1 prion1