CVE-2009-4467

Sažetak

misc.php in DeluxeBB 1.3 allows remote attackers to register accounts without a valid email address via a valemail action with the valmem set to a pre-assigned user ID, which is visible from a memberlist action.

Reference

http://www.exploit-db.com/exploits/10598
http://www.securityfocus.com/bid/37448
https://exchange.xforce.ibmcloud.com/vulnerabilities/54979

CVSS

Base:	4.0
Impact:	2.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:S/C:N/I:P/A:N

Zadnje važnije ažuriranje

17-08-2017 - 01:31

Objavljeno

30-12-2009 - 20:00