Lucene search

[email protected]CVE-2010-4332

HistoryDec 22, 2010 - 3:00 a.m.

CVE-2010-4332

2010-12-2203:00:00

CWE-287

[email protected]

web.nvd.nist.gov

cve-2010-4332

remote attackers

authentication bypass

administrative privileges

nvd

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.014 Low

EPSS

Percentile

86.4%

JSON

Pointter PHP Content Management System 1.0 allows remote attackers to bypass authentication and obtain administrative privileges via arbitrary values of the auser and apass cookies.

CPENameOperatorVersion
pangramsoft:pointter_php_content_management_systempangramsoft pointter php content management systemeq1.0

CPE	Name	Operator	Version
pangramsoft:pointter_php_content_management_system	pangramsoft pointter php content management system	eq	1.0

References

secunia.com/advisories/42662

www.exploit-db.com/exploits/15740

www.securityfocus.com/archive/1/515314/100/0/threaded

www.uncompiled.com/2010/12/pointter-php-content-management-system-unauthorized-privilege-escalation-cve-2010-4332/

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.014 Low

EPSS

Percentile

86.4%

JSON

Related for CVE-2010-4332

securityvulns2 exploitpack1 seebug1 packetstorm1 prion1 exploitdb1