Lucene search
HistoryDec 30, 2009 - 8:00 p.m.
CVE-2009-4467
deluxebb
1.3
cve-2009-4467
remote account registration
vulnerability
nvd
security advisory
6.5 Medium
AI Score
Confidence
Low
4 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
53.7%
misc.php in DeluxeBB 1.3 allows remote attackers to register accounts without a valid email address via a valemail action with the valmem set to a pre-assigned user ID, which is visible from a memberlist action.
Affected configurations
Node
deluxebbdeluxebbMatch1.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| deluxebb:deluxebb | deluxebb | eq | 1.3 |
Related
prion
prion
Deserialization of untrusted data
2009-12-30 20:00:00
cvelist
cvelist
CVE-2009-4467
2009-12-30 19:00:00
nvd
nvd
CVE-2009-4467
2009-12-30 20:00:01
seebug
seebug
DeluxeBB存在多个安全漏洞
2010-01-06 00:00:00
openvas
openvas
DeluxeBB Multiple Vulnerabilities
2010-01-22 00:00:00
DeluxeBB Multiple Vulnerabilities
2010-01-22 00:00:00
6.5 Medium
AI Score
Confidence
Low
4 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
53.7%
Related for CVE-2009-4467