Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
jvnJapan Vulnerability NotesJVN:34980730
HistoryOct 07, 2011 - 12:00 a.m.

JVN#34980730: A-Form vulnerable in restricting access

2011-10-0700:00:00
Japan Vulnerability Notes
jvn.jp
18

CVSS2

5.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:P/A:P

EPSS

0.004

Percentile

72.7%

JSON

A-Form is a plug-in for Movable Type that adds mail forms and survey forms. A-Form contains a vulnerability in restricting access permissions.

Impact

Information managed by A-Form may be altered by a user who does not have administrative privileges.

Solution

Update the Software
Update to the latest version according to the information provided by the developer.

Apply a patch
Apply the appropriate patch according to the information provided by the developer.

Products Affected

  • A-Form PC 3.0 and earlier
  • A-Form PC/Mobile 3.0 and earlier
  • A-Form 1.3.5 and earlier
  • A-Form bamboo 1.3.5 and earlier
  • A-Form 2.0.2 and earlier
  • A-Form bamboo 2.0.2 and earlier

Related

cvelist 2
prion 2
cve 2
nvd 2
cvelist
cvelist
CVE-2011-2676
2011-11-03 10:00:00
CVE-2011-4274
2011-11-03 10:00:00
prion
prion
Sql injection
2011-11-03 10:55:00
Cross site scripting
2011-11-03 10:55:00
cve
cve
CVE-2011-2676
2011-11-03 10:55:08
CVE-2011-4274
2011-11-03 10:55:09
nvd
nvd
CVE-2011-2676
2011-11-03 10:55:08
CVE-2011-4274
2011-11-03 10:55:09

CVSS2

5.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:P/A:P

EPSS

0.004

Percentile

72.7%

JSON
Related for JVN:34980730
cvelist2prion2cve2nvd2