Lucene search

K
nvd[email protected]NVD:CVE-2015-0883
HistoryFeb 27, 2015 - 2:59 a.m.

CVE-2015-0883

2015-02-2702:59:35
web.nvd.nist.gov
2
mailform pro cgi
mailauth module
remote attackers
arbitrary code
security vulnerability

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

Low

EPSS

0.026

Percentile

90.4%

SYNCK GRAPHICA Mailform Pro CGI 4.1.4 and 4.1.5, when the mailauth module is enabled, does not properly send e-mail messages, which allows remote attackers to execute arbitrary code via unspecified vectors.

Affected configurations

Nvd
Node
synck_graphicamailform_pro_cgiMatch4.1.4
OR
synck_graphicamailform_pro_cgiMatch4.1.5
VendorProductVersionCPE
synck_graphicamailform_pro_cgi4.1.4cpe:2.3:a:synck_graphica:mailform_pro_cgi:4.1.4:*:*:*:*:*:*:*
synck_graphicamailform_pro_cgi4.1.5cpe:2.3:a:synck_graphica:mailform_pro_cgi:4.1.5:*:*:*:*:*:*:*

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

Low

EPSS

0.026

Percentile

90.4%

Related for NVD:CVE-2015-0883