Lucene search

[email protected]CVE-2009-4675

HistoryMar 05, 2010 - 6:30 p.m.

CVE-2009-4675

2010-03-0518:30:00

CWE-287

[email protected]

web.nvd.nist.gov

cve-2009-4675

information security

mole group gastro portal

remote authentication

admin password

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

83.2%

JSON

admin/admin_info/index.php in the Mole Group Gastro Portal (Restaurant Directory) Script does not require administrative authentication, which allows remote attackers to change the admin password via an unspecified form submission.

Affected configurations

NVD

Node

mole-groupgastro_portal_\(restaurant_directory\)_scriptMatch-

CPENameOperatorVersion
mole-group:gastro_portal_\(restaurant_directory\)_scriptmole-group gastro portal (restaurant directory) scripteq-

CPE	Name	Operator	Version
mole-group:gastro_portal_\(restaurant_directory\)_script	mole-group gastro portal (restaurant directory) script	eq	-

References

www.exploit-db.com/exploits/8775

www.securityfocus.com/bid/35079

exchange.xforce.ibmcloud.com/vulnerabilities/50723

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

83.2%

JSON

Related for CVE-2009-4675

nvd1 prion1 cvelist1