Lucene search
HistorySep 26, 2007 - 11:17 p.m.
CVE-2007-5113
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.02
Percentile
89.1%
report.cgi in Google Urchin allows remote attackers to bypass authentication and obtain sensitive information (web server logs) via certain modified query parameters, as demonstrated using the profile, rid, prefs, n, vid, bd, ed, dt, and gtype parameters, a different vulnerability than CVE-2007-5112.
Affected configurations
Node
roi_revolutionurchinRange≤5.7.03
| Vendor | Product | Version | CPE |
|---|---|---|---|
| roi_revolution | urchin | * | cpe:2.3:a:roi_revolution:urchin:*:*:*:*:*:*:*:* |
Related
prion
prion
Authentication flaw
2007-09-26 23:17:00
Cross site scripting
2007-09-26 23:17:00
cvelist
cvelist
CVE-2007-5113
2007-09-26 23:00:00
CVE-2007-5112
2007-09-26 23:00:00
cve
cve
CVE-2007-5113
2007-09-26 23:17:00
CVE-2007-5112
2007-09-26 23:17:00
exploitdb
exploitdb
Google Urchin 5.7.3 - 'Report.cgi' Authentication Bypass
2007-10-11 00:00:00
Urchin 5.7.x - 'session.cgi' Cross-Site Scripting
2007-09-24 00:00:00
nvd
nvd
CVE-2007-5112
2007-09-26 23:17:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.02
Percentile
89.1%
Related for NVD:CVE-2007-5113