Lucene search
HistoryDec 17, 2007 - 6:46 p.m.
CVE-2007-6399
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.3
Confidence
Low
EPSS
0.003
Percentile
71.8%
index.php in Flat PHP Board 1.2 and earlier allows remote authenticated users to obtain the password for the current user account by reading the password parameter value in the HTML source for the page generated by a profile action.
Affected configurations
Node
myupbflat_php_boardRange≤1.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| myupb | flat_php_board | * | cpe:2.3:a:myupb:flat_php_board:*:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2007-6399
2007-12-17 18:46:00
cvelist
cvelist
CVE-2007-6399
2007-12-17 18:00:00
prion
prion
Default credentials
2007-12-17 18:46:00
exploitdb
exploitdb
Flat PHP Board 1.2 - Multiple Vulnerabilities
2007-12-09 00:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.3
Confidence
Low
EPSS
0.003
Percentile
71.8%
Related for NVD:CVE-2007-6399