Lucene search

MitreCVE-2008-3211

HistoryJul 18, 2008 - 3:13 p.m.

CVE-2008-3211

2008-07-1815:13:00

CWE-287

mitre

web.nvd.nist.gov

cve-2008-3211

image hosting

scripteen

authentication bypass

remote attack

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.017

Percentile

87.9%

JSON

Scripteen Free Image Hosting Script 1.2 and 1.2.1 allows remote attackers to bypass authentication and gain administrative access by setting the cookid cookie value to 1.

Affected configurations

Nvd

Node

scripteenfree_image_hosting_scriptMatch1.2

scripteenfree_image_hosting_scriptMatch1.2.1

VendorProductVersionCPE
scripteenfree_image_hosting_script1.2cpe:2.3:a:scripteen:free_image_hosting_script:1.2:*:*:*:*:*:*:*
scripteenfree_image_hosting_script1.2.1cpe:2.3:a:scripteen:free_image_hosting_script:1.2.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
scripteen	free_image_hosting_script	1.2	cpe:2.3:a:scripteen:free_image_hosting_script:1.2:::::::*
scripteen	free_image_hosting_script	1.2.1	cpe:2.3:a:scripteen:free_image_hosting_script:1.2.1:::::::*

References

secunia.com/advisories/31083

securityreason.com/securityalert/4014

www.securityfocus.com/bid/30217

www.vupen.com/english/advisories/2008/2106/references

exchange.xforce.ibmcloud.com/vulnerabilities/43771

www.exploit-db.com/exploits/6070

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.017

Percentile

87.9%

JSON

Related for CVE-2008-3211