7.5
CVE-2008-2682
- EPSS 2.53%
- Veröffentlicht 12.06.2008 12:21:00
- Zuletzt bearbeitet 16.06.2026 22:54:13
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Login_RealmAdmin/login.asp in Realm CMS 2.3 and earlier allows remote attackers to bypass authentication and access admin pages via certain modified cookies, probably including (1) cUserRole, (2) cUserName, and (3) cUserID.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Realm Project ≫ Realm Cms Version2.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.53% | 0.828 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://bugreport.ir/index.php?/40
http://secunia.com/advisories/30583
http://www.securityfocus.com/bid/29616
https://www.exploit-db.com/exploits/5766
https://exchange.xforce.ibmcloud.com/vulnerabilities/42960