6.8

CVE-2008-7024

Exploit
admin.php in Arz Development The Gemini Portal 4.7 and earlier allows remote attackers to bypass authentication and gain administrator privileges by setting the user cookie to "admin" and setting the name parameter to "users."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ArzdevGemini Lite Version3.5
ArzdevGemini Lite Version3.6
ArzdevGemini Portal Version4.7
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.53% 0.829
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/32057
Vendor Advisory
http://osvdb.org/48639
http://www.securityfocus.com/archive/1/496761/100/0/threaded
http://www.securityfocus.com/bid/31429
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/45439
https://www.exploit-db.com/exploits/6584