Vulnerability Details CVE-2006-5909
generaloptions.php in Paul Tarjan Stanford Conference And Research Forum (SCARF) before 20070227 does not require the admin privilege, which allows remote attackers to reconfigure the application or its user accounts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.2%
CVSS Severity
CVSS v2 Score 5.0
References
- http://secunia.com/advisories/24311
- http://sourceforge.net/project/shownotes.php?group_id=177652&release_id=489633
- http://www.securityfocus.com/archive/1/450679/100/0/threaded
- http://www.securityfocus.com/archive/1/460196/100/0/threaded
- http://www.securityfocus.com/bid/20934
- http://www.vupen.com/english/advisories/2007/0760
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30037
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32700
- http://secunia.com/advisories/24311
- http://sourceforge.net/project/shownotes.php?group_id=177652&release_id=489633
- http://www.securityfocus.com/archive/1/450679/100/0/threaded
- http://www.securityfocus.com/archive/1/460196/100/0/threaded
- http://www.securityfocus.com/bid/20934
- http://www.vupen.com/english/advisories/2007/0760
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30037
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32700
Products affected by CVE-2006-5909
-
cpe:2.3:a:paul_tarjan:stanford_conference_and_research_forum:beta