Vulnerability Details CVE-2004-2155
Online-bookmarks before 0.4.6 allows remote attackers to bypass its authentication mechanism via a direct request to (1) config/*, (2) bookmarks.php, (3) footer.php, (4) main.php, (5) tree.php, or (6) functions.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.7%
CVSS Severity
CVSS v2 Score 7.5
References
- http://freshmeat.net/projects/onlinebookmarks/?branch_id=34962&release_id=174401
- http://secunia.com/advisories/12728/
- http://www.securityfocus.com/bid/11305
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17602
- http://freshmeat.net/projects/onlinebookmarks/?branch_id=34962&release_id=174401
- http://secunia.com/advisories/12728/
- http://www.securityfocus.com/bid/11305
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17602
Products affected by CVE-2004-2155
-
cpe:2.3:a:online-bookmarks:web_based_bookmark_application:0.4
-
cpe:2.3:a:online-bookmarks:web_based_bookmark_application:0.4.2
-
cpe:2.3:a:online-bookmarks:web_based_bookmark_application:0.4.4