Lucene search

[email protected]NVD:CVE-2007-4637

HistoryAug 31, 2007 - 11:17 p.m.

CVE-2007-4637

2007-08-3123:17:00

[email protected]

web.nvd.nist.gov

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

AI Score

Confidence

Low

EPSS

0.014

Percentile

86.6%

JSON

xGB.php in xGB 2.0 does not require authentication for an admin edit action, which allows remote attackers to make unspecified changes via an unknown series of steps.

Affected configurations

Nvd

Node

xgbxgbMatch2.0

VendorProductVersionCPE
xgbxgb2.0cpe:2.3:a:xgb:xgb:2.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
xgb	xgb	2.0	cpe:2.3:a:xgb:xgb:2.0:::::::*

References

www.exploit-db.com/exploits/4336

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

AI Score

Confidence

Low

EPSS

0.014

Percentile

86.6%

JSON

Related for NVD:CVE-2007-4637

cve1 prion1 cvelist1 exploitdb1