Lucene search

[email protected]NVD:CVE-2008-7192

HistorySep 09, 2009 - 7:30 p.m.

CVE-2008-7192

2009-09-0919:30:00

CWE-352

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.002

Percentile

60.3%

JSON

Cross-site request forgery (CSRF) vulnerability in index.php in WoltLab Burning Board (wBB) 3.0.1, and possibly other 3.x versions, allows remote attackers to hijack the authentication of users for requests that delete private messages via the pmID parameter in a delete action in a PM page, a different vulnerability than CVE-2008-0472.

Affected configurations

Nvd

Node

woltlabburning_boardMatch3.0.1

VendorProductVersionCPE
woltlabburning_board3.0.1cpe:2.3:a:woltlab:burning_board:3.0.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
woltlab	burning_board	3.0.1	cpe:2.3:a:woltlab:burning_board:3.0.1:::::::*

References

www.securityfocus.com/archive/1/487139/100/200/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/39990

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.002

Percentile

60.3%

JSON

Related for NVD:CVE-2008-7192

prion2 cve2 cvelist2 openvas2 nvd1 exploitdb1