Lucene search

[email protected]CVE-2009-0399

HistoryFeb 03, 2009 - 7:30 p.m.

CVE-2009-0399

2009-02-0319:30:00

CWE-264

CWE-16

[email protected]

web.nvd.nist.gov

chipmunk

blogger

script

cve-2009-0399

administrator

privileges

vulnerability

remote attack

7.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.5%

JSON

Chipmunk Blogger Script allows remote attackers to gain administrator privileges via a direct request to admin/reguser.php. NOTE: this is only a vulnerability when the administrator does not properly follow installation directions.

Affected configurations

NVD

Node

chipmunk_scriptschipmunk_blogger

CPENameOperatorVersion
chipmunk_scripts:chipmunk_bloggerchipmunk scripts chipmunk bloggereq*

CPE	Name	Operator	Version
chipmunk_scripts:chipmunk_blogger	chipmunk scripts chipmunk blogger	eq	*

References

www.exploit-db.com/exploits/7894

7.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.5%

JSON

Related for CVE-2009-0399

nvd1 cvelist1 prion1