CVE-2007-3643

2007-07-1001:00:00

mitre

www.cve.org

6.7 Medium

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.4%

JSON

admin/index.php in AV Arcade 2.1b grants administrative privileges when the ava_userid cookie value is 1, which allows remote attackers to perform certain administrative actions.

References

osvdb.org/38952

securityreason.com/securityalert/2871

www.securityfocus.com/archive/1/472666/100/0/threaded

www.securityfocus.com/bid/24736/info

exchange.xforce.ibmcloud.com/vulnerabilities/35234