CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
60.5%
The forum module in NullLogic Groupware 1.2.7 allows remote authenticated users to cause a denial of service (application crash) by specifying (1) an empty string or (2) a non-numeric string when selecting a forum, related to the fmessagelist function.
Vendor | Product | Version | CPE |
---|---|---|---|
dan_cahill | nulllogic_groupware | 1.2.7 | cpe:2.3:a:dan_cahill:nulllogic_groupware:1.2.7:*:*:*:*:*:*:* |