5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.6 Medium
AI Score
Confidence
Low
0.034 Low
EPSS
Percentile
91.5%
generaloptions.php in Paul Tarjan Stanford Conference And Research Forum (SCARF) before 20070227 does not require the admin privilege, which allows remote attackers to reconfigure the application or its user accounts.
secunia.com/advisories/24311
sourceforge.net/project/shownotes.php?group_id=177652&release_id=489633
www.securityfocus.com/archive/1/450679/100/0/threaded
www.securityfocus.com/archive/1/460196/100/0/threaded
www.securityfocus.com/bid/20934
www.vupen.com/english/advisories/2007/0760
exchange.xforce.ibmcloud.com/vulnerabilities/30037
exchange.xforce.ibmcloud.com/vulnerabilities/32700