Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/21 6:36 p.m.6 views

CVE-2009-5076

CRE Loaded before 6.2.14, and possibly other versions before 6.3.x, allows remote attackers to bypass authentication and gain administrator privileges via a request with 1 login.php or 2 passwordforgotten.php appended as the PATHINFO, which bypasses a check that uses PHPSELF, which is not properl...

7.5CVSS7.6AI score0.01409EPSS
Exploits1References1
NVD
NVD
added 2011/06/08 10:36 a.m.9 views

CVE-2009-5076

CRE Loaded before 6.2.14, and possibly other versions before 6.3.x, allows remote attackers to bypass authentication and gain administrator privileges via a request with 1 login.php or 2 passwordforgotten.php appended as the PATHINFO, which bypasses a check that uses PHPSELF, which is not properl...

7.5CVSS7.2AI score0.01409EPSS
Exploits1References2
Cvelist
Cvelist
added 2011/06/08 10:0 a.m.34 views

CVE-2009-5076

CRE Loaded before 6.2.14, and possibly other versions before 6.3.x, allows remote attackers to bypass authentication and gain administrator privileges via a request with 1 login.php or 2 passwordforgotten.php appended as the PATHINFO, which bypasses a check that uses PHPSELF, which is not properl...

7.2AI score0.01409EPSS
Exploits1References2
CVE
CVE
added 2011/06/08 10:0 a.m.39 views

CVE-2009-5076

CVE-2009-5076 affects CRE Loaded prior to 6.3.x (and possibly other versions before 6.3.x) where authentication can be bypassed via PATH_INFO by requesting login.php or password_forgotten.php, exploiting improper handling of PHP_SELF in includes/application_top.php and admin/includes/application_...

7.5CVSS7.4AI score0.01409EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder