CVE-2003-1488

Exploit

EPSS 4.59%
Veröffentlicht 31.12.2003 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The (1) verif_admin.php and (2) check_admin.php scripts in Truegalerie 1.0 allow remote attackers to gain administrator access via a request to admin.php without the connect parameter and with the loggedin parameter set to any value, such as 1.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Truelogik ≫ Truegalerie Version1.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	4.59%	0.89

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.4	10	4.9	AV:N/AC:L/Au:N/C:P/I:P/A:N

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://marc.info/?l=vulnwatch&m=105128431109082&w=2

http://secunia.com/advisories/8683

Vendor Advisory

http://www.securityfocus.com/bid/7427

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/11886

https://nvd.nist.gov/vuln/detail/CVE-2003-1488

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2003-1488

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2003-1488

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2003-1488