Lucene search
MitreCVE-2009-4808HistoryApr 23, 2010 - 2:30 p.m.
CVE-2009-4808
2010-04-2314:30:01
CWE-287
mitre
web.nvd.nist.gov
29
cve-2009-4808
graugon
php
article publisher
authentication bypass
remote attackers
administrative access
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.012
Percentile
85.8%
admin.php in Graugon PHP Article Publisher 1.0 allows remote attackers to bypass authentication and obtain administrative access by setting the g_admin cookie to 1.
Affected configurations
Node
graugonphp_article_publisherMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| graugon | php_article_publisher | 1.0 | cpe:2.3:a:graugon:php_article_publisher:1.0:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2009-4808
2010-04-23 14:00:00
exploitdb
exploitdb
Graugon PHP Article Publisher Pro 1.5 - Insecure Cookie Handling
2008-11-01 00:00:00
Graugon PHP Article Publisher 1.0 - SQL Injection / Cookie Handling
2009-03-02 00:00:00
prion
prion
Authentication flaw
2010-04-23 14:30:00
nvd
nvd
CVE-2009-4808
2010-04-23 14:30:01
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.012
Percentile
85.8%
Related for CVE-2009-4808