Lucene search
MitreCVE-2008-0329HistoryJan 17, 2008 - 10:00 p.m.
CVE-2008-0329
2008-01-1722:00:00
CWE-264
mitre
web.nvd.nist.gov
27
cve-2008-0329
lulieblog
unauthorized access
remote attackers
security vulnerability
nvd
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.7
Confidence
Low
EPSS
0.01
Percentile
83.9%
LulieBlog 1.0.1 and 1.0.2 does not restrict access to (1) article_suppr.php, (2) comment_accepter.php, and (3) comment_refuser.php in Admin/, which allows remote attackers to accept comments, delete comments, and delete articles via the id parameter.
Affected configurations
Node
julien_plesniaklulieblogMatch1.0.1
ORjulien_plesniaklulieblogMatch1.0.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| julien_plesniak | lulieblog | 1.0.1 | cpe:2.3:a:julien_plesniak:lulieblog:1.0.1:*:*:*:*:*:*:* |
| julien_plesniak | lulieblog | 1.0.2 | cpe:2.3:a:julien_plesniak:lulieblog:1.0.2:*:*:*:*:*:*:* |
Related
prion
prion
Code injection
2008-01-17 22:00:00
cvelist
cvelist
CVE-2008-0329
2008-01-17 21:07:00
nvd
nvd
CVE-2008-0329
2008-01-17 22:00:00
exploitdb
exploitdb
LulieBlog 1.0.1 - Remote Authentication Bypass
2008-01-15 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.7
Confidence
Low
EPSS
0.01
Percentile
83.9%
Related for CVE-2008-0329