Lucene search

MitreCVE-2006-1276

HistoryMar 19, 2006 - 11:06 a.m.

CVE-2006-1276

2006-03-1911:06:00

mitre

web.nvd.nist.gov

cve-2006-1276

php

simplenews

authentication bypass

security vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.01

Percentile

83.4%

JSON

admin.php in Himpfen Consulting Company PHP SimpleNEWS 1.0.0 allows remote attackers to bypass authentication by setting the admin parameter in a cookie.

Affected configurations

Nvd

Node

himpfen_consultingphp_simplenewsRange≤1.0.0

VendorProductVersionCPE
himpfen_consultingphp_simplenews*cpe:2.3:a:himpfen_consulting:php_simplenews:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
himpfen_consulting	php_simplenews	*	cpe:2.3:a:himpfen_consulting:php_simplenews::::::::

References

evuln.com/vulns/94/summary.html

secunia.com/advisories/19195

securityreason.com/securityalert/613

www.osvdb.org/23803

www.securityfocus.com/archive/1/428427

www.securityfocus.com/bid/17186

www.vupen.com/english/advisories/2006/0913

exchange.xforce.ibmcloud.com/vulnerabilities/25177

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.01

Percentile

83.4%

JSON

Related for CVE-2006-1276