7.5
CVE-2001-1460
- EPSS 3.28%
- Veröffentlicht 13.10.2001 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:56:19
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
SQL injection vulnerability in article.php in PostNuke 0.62 through 0.64 allows remote attackers to bypass authentication via the user parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Postnuke Software Foundation ≫ Postnuke Version0.62
Postnuke Software Foundation ≫ Postnuke Version0.63
Postnuke Software Foundation ≫ Postnuke Version0.64
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.28% | 0.868 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://archives.neohapsis.com/archives/bugtraq/2001-10/0088.html
http://archives.neohapsis.com/archives/bugtraq/2001-10/0091.html
http://www.kb.cert.org/vuls/id/921547
http://www.securityfocus.com/bid/3435
https://exchange.xforce.ibmcloud.com/vulnerabilities/7280