CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
94.4%
Multiple products provided by PHP Factory contain multiple vulnerabilities listed below.
Cross-site Request Forgery (CWE-352) - CVE-2020-5615
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | Base Score: 4.3 |
CVSS v2 | AV:N/AC:H/Au:N/C:N/I:P/A:N | Base Score: 2.6 |
Authentication bypass (CWE-287) - CVE-2020-5616
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N | Base Score: 4.8 |
CVSS v2 | AV:N/AC:H/Au:N/C:P/I:P/A:N | Base Score: 4.0 |
Update the software - CVE-2020-5615
Update the software to the latest version according to the information provided by the developer.
Add code to the affected file - CVE-2020-5616
Add code to the affected file according to the information provided by the developer.
CVE-2020-5615
[Calendar01] free edition ver1.0.0
[Calendar02] free edition ver1.0.0
CVE-2020-5616
[Calendar01] free edition ver1.0.0
[Calendar02] free edition ver1.0.0
[PKOBO-News01] free edition ver1.0.3 and earlier
[PKOBO-vote01] free edition ver1.0.1 and earlier
[Telop01] free edition ver1.0.0
[Gallery01] free edition ver1.0.3 and earlier
[CalendarForm01] free edition ver1.0.3 and earlier
[Link01] free edition ver1.0.0
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
94.4%