Lucene search
PRIOn knowledge basePRION:CVE-2008-4125HistorySep 18, 2008 - 5:59 p.m.
Cross site scripting
2008-09-1817:59:00
PRIOn knowledge base
www.prio-n.com
1
6.7 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
69.0%
The search function in phpBB 2.x provides a search_id value that leaks the state of PHP’s PRNG, which allows remote attackers to obtain potentially sensitive information, as demonstrated by a cross-application attack against WordPress, a different vulnerability than CVE-2006-0632.
Related
cve
cve
CVE-2008-4125
2008-09-18 17:59:00
CVE-2006-0632
2006-02-10 11:02:00
ubuntucve
ubuntucve
CVE-2008-4125
2008-09-18 00:00:00
CVE-2006-0632
2006-02-10 00:00:00
prion
prion
Design/Logic Flaw
2006-02-10 11:02:00
6.7 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
69.0%
Related for PRION:CVE-2008-4125