Lucene search
MitreCVE-2008-6882HistoryJul 30, 2009 - 7:30 p.m.
CVE-2008-6882
2009-07-3019:30:00
CWE-20
mitre
web.nvd.nist.gov
22
joomla
com_livechat
http proxy
security vulnerability
network scanning
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.8
Confidence
Low
EPSS
0.006
Percentile
77.9%
Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to use the xmlhttp.php script as an open HTTP proxy to hide network scanning activities or scan internal networks via a GET request with a full URL in the query string.
Affected configurations
Node
joomlajoomla
joompolitancom_livechatMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| joomla | joomla | * | cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:* |
| joompolitan | com_livechat | 1.0 | cpe:2.3:a:joompolitan:com_livechat:1.0:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2008-6882
2009-07-30 19:00:00
nvd
nvd
CVE-2008-6882
2009-07-30 19:30:00
prion
prion
Open redirect
2009-07-30 19:30:00
exploitdb
exploitdb
Joomla! Component live chat - SQL Injection / Open Proxy
2008-12-12 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.8
Confidence
Low
EPSS
0.006
Percentile
77.9%
Related for CVE-2008-6882