Lucene search

[email protected]NVD:CVE-2006-5737

HistoryNov 06, 2006 - 6:07 p.m.

CVE-2006-5737

2006-11-0618:07:00

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

PunBB uses a predictable cookie_seed value that can be derived from the time of registration of the superadmin account (installation time), which might allow local users to perform unauthorized actions.

Affected configurations

NVD

Node

punbbpunbbMatch1.2.14

References

securitytracker.com/id?1017131

www.osvdb.org/30134

www.securityfocus.com/archive/1/450055/100/0/threaded

www.wargan.org/index.php/2006/10/29/4-punbb-1213-multiple-vulnerabilities

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2006-5737

cve2 cvelist2 nvd1 prion1