PHParanoid before 0.4 does not properly restrict access to the members area by unauthenticated users, which has unknown impact and remote attack vectors.
References
Link | Resource |
---|---|
http://secunia.com/advisories/28847 | Vendor Advisory |
http://sourceforge.net/project/shownotes.php?release_id=575358 | Patch Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/40516 |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2008-12-19 01:52
Updated : 2024-02-28 11:21
NVD link : CVE-2008-5673
Mitre link : CVE-2008-5673
CVE.ORG link : CVE-2008-5673
JSON object : View
Products Affected
phparanoid
- phparanoid
CWE
CWE-264
Permissions, Privileges, and Access Controls