7.5
CVE-2007-6414
- EPSS 4.22%
- Veröffentlicht 17.12.2007 23:46:00
- Zuletzt bearbeitet 16.06.2026 22:48:01
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Loginadmin/administrator.php in Adult Script 1.6 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to bypass authentication and obtain administrative credentials via a direct request. NOTE: this can be leveraged for arbitrary code execution through a request to admin/videolinks_view.php.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adultscript ≫ Adultscript Version1.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.22% | 0.897 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/28064
http://www.securityfocus.com/bid/26870
https://exchange.xforce.ibmcloud.com/vulnerabilities/39034
https://www.exploit-db.com/exploits/4731