Lucene search
K

7 matches found

CVE
CVE
added 2014/01/26 1:0 a.m.59 views

CVE-2013-7137

CVE-2013-7137 affects Burden prior to 1.8.1. The vulnerability arises from insufficient validation of the burden_user_rememberme cookie, allowing remote unauthenticated users to set the cookie to 1 and gain administrative privileges via the login mechanism. Impact is authentication bypass with po...

9.8CVSS9.6AI score0.16075EPSS
Exploits6References6Affected Software1
Exploit DB
Exploit DB
added 2014/01/14 12:0 a.m.57 views

Burden 1.8 - Authentication Bypass

Advisory ID: HTB23192 Product: Burden Vendor: Josh Fradley Vulnerable Versions: 1.8 and probably prior Tested Version: 1.8 Advisory Publication: December 18, 2013 without technical details Vendor Notification: December 18, 2013 Vendor Patch: December 18, 2013 Public Disclosure: January 8, 2014...

9.8CVSS9.1AI score0.16075EPSS
Exploits6
0day.today
0day.today
added 2014/01/14 12:0 a.m.54 views

Burden 1.8 - Authentication Bypass Vulnerability

Exploit for php platform in category web applications Product: Burden Vendor: Josh Fradley Vulnerable Versions: 1.8 and probably prior Tested Version: 1.8 Advisory Publication: December 18, 2013 without technical details Vendor Notification: December 18, 2013 Vendor Patch: December 18, 2013 Publi...

7.5CVSS9.2AI score0.16075EPSS
Exploits6
exploitpack
exploitpack
added 2014/01/14 12:0 a.m.55 views

Burden 1.8 - Authentication Bypass

Burden 1.8 - Authentication Bypass Advisory ID: HTB23192 Product: Burden Vendor: Josh Fradley Vulnerable Versions: 1.8 and probably prior Tested Version: 1.8 Advisory Publication: December 18, 2013 without technical details Vendor Notification: December 18, 2013 Vendor Patch: December 18, 2013...

7.5CVSS0.8AI score0.16075EPSS
Exploits6
securityvulns
securityvulns
added 2014/01/09 12:0 a.m.76 views

Improper Authentication in Burden

Advisory ID: HTB23192 Product: Burden Vendor: Josh Fradley Vulnerable Versions: 1.8 and probably prior Tested Version: 1.8 Advisory Publication: December 18, 2013 without technical details Vendor Notification: December 18, 2013 Vendor Patch: December 18, 2013 Public Disclosure: January 8, 2014...

7.5CVSS10AI score0.16075EPSS
Exploits6
Packet Storm
Packet Storm
added 2014/01/08 12:0 a.m.57 views

Burden 1.8 Privilege Escalation

Advisory ID: HTB23192 Product: Burden Vendor: Josh Fradley Vulnerable Versions: 1.8 and probably prior Tested Version: 1.8 Advisory Publication: December 18, 2013 without technical details Vendor Notification: December 18, 2013 Vendor Patch: December 18, 2013 Public Disclosure: January 8, 2014...

7.5CVSS0.7AI score0.16075EPSS
Exploits6
htbridge
htbridge
added 2013/12/18 12:0 a.m.37 views

Improper Authentication in Burden

High-Tech Bridge Security Research Lab discovered vulnerability in application authentication mechanism in Burden, which can be exploited by remote non-authenticated attacker to gain administrative access to the vulnerable application. 1 Improper Authentication in Burden: CVE-2013-7137 The...

7.5CVSS9.4AI score0.16075EPSS
Exploits6Affected Software1
Rows per page
Query Builder