Lucene search

K
nvd[email protected]NVD:CVE-2009-4232
HistoryDec 08, 2009 - 7:30 p.m.

CVE-2009-4232

2009-12-0819:30:00
CWE-287
web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.6%

The Kide Shoutbox (com_kide) component 0.4.6 for Joomla! does not properly perform authentication, which allows remote attackers to post messages with an arbitrary account name via an insertar action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD
Node
jonijnmcom_kideMatch0.4.6
AND
joomlajoomla\!

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.6%

Related for NVD:CVE-2009-4232