Lucene search
MitreCVE-2008-7181HistorySep 08, 2009 - 10:30 a.m.
CVE-2008-7181
2009-09-0810:30:01
CWE-264
mitre
web.nvd.nist.gov
25
cve
butterfly organizer
remote attack
vulnerability
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.02
Percentile
88.8%
Butterfly Organizer 2.0.0 allows remote attackers to (1) delete arbitrary categories via a modified tablehere parameter to category-delete.php with the is_js_confirmed parameter set to 1, or (2) delete arbitrary accounts via the mytable parameter to delete.php.
Affected configurations
Node
butterflymediabutterfly_organizerMatch2.0.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| butterflymedia | butterfly_organizer | 2.0.0 | cpe:2.3:a:butterflymedia:butterfly_organizer:2.0.0:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2008-7181
2009-09-08 10:00:00
nvd
nvd
CVE-2008-7181
2009-09-08 10:30:01
prion
prion
Code injection
2009-09-08 10:30:00
exploitdb
exploitdb
Butterfly ORGanizer 2.0.0 - Arbitrary Delete (Category/Account)
2008-06-13 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.02
Percentile
88.8%
Related for CVE-2008-7181