Lucene search

[email protected]CVE-2010-4333

HistoryDec 22, 2010 - 3:00 a.m.

CVE-2010-4333

2010-12-2203:00:03

CWE-287

[email protected]

web.nvd.nist.gov

cve

pointter

php micro-blogging

social network

remote attack

authentication bypass

administrative privileges

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.8%

JSON

Pointter PHP Micro-Blogging Social Network 1.8 allows remote attackers to bypass authentication and obtain administrative privileges via arbitrary values of the auser and apass cookies.

Affected configurations

NVD

Node

pangramsoftpointter_php_micro-blogging_social_networkMatch1.8

CPENameOperatorVersion
pangramsoft:pointter_php_micro-blogging_social_networkpangramsoft pointter php micro-blogging social networkeq1.8

CPE	Name	Operator	Version
pangramsoft:pointter_php_micro-blogging_social_network	pangramsoft pointter php micro-blogging social network	eq	1.8

References

www.exploit-db.com/exploits/15741

www.securityfocus.com/archive/1/515306/100/0/threaded

www.uncompiled.com/2010/12/pointter-php-micro-blogging-social-network-unauthorized-privilege-escalation-cve-2010-4333/

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.8%

JSON

Related for CVE-2010-4333

nvd1 prion1 packetstorm1 securityvulns2 seebug1 exploitpack1 cvelist1 exploitdb1