Lucene search
MitreCVE-2009-3180HistorySep 11, 2009 - 8:30 p.m.
CVE-2009-3180
2009-09-1120:30:01
CWE-255
mitre
web.nvd.nist.gov
19
anantasoft gazelle cms
password reset
vulnerability
remote attack
renew.php
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.1
Confidence
Low
EPSS
0.005
Percentile
77.4%
Anantasoft Gazelle CMS 1.0 allows remote attackers to conduct a password reset for other users via a modified user parameter to renew.php.
Affected configurations
Node
anantasoftgazelle_cmsMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| anantasoft | gazelle_cms | 1.0 | cpe:2.3:a:anantasoft:gazelle_cms:1.0:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2009-3180
2009-09-11 20:00:00
nvd
nvd
CVE-2009-3180
2009-09-11 20:30:01
prion
prion
Design/Logic Flaw
2009-09-11 20:30:00
exploitdb
exploitdb
Gazelle CMS 1.0 - Multiple Vulnerabilities / Remote Code Execution
2009-08-12 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.1
Confidence
Low
EPSS
0.005
Percentile
77.4%
Related for CVE-2009-3180