CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-6785

The (1) settings.php and (2) subscribers.php scripts in Open Newsletter 2.5 and earlier do not exit when authentication fails, which allows remote attackers to perform unauthorized administrative actions, or execute arbitrary code in conjunction with another vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.094

EPSS Ranking 92.5%

CVSS Severity

CVSS v2 Score 7.5

References

http://secunia.com/advisories/23476
http://www.securityfocus.com/bid/21775
https://www.exploit-db.com/exploits/2981
http://secunia.com/advisories/23476
http://www.securityfocus.com/bid/21775
https://www.exploit-db.com/exploits/2981

Products affected by CVE-2006-6785

Open Newsletter » Open Newsletter » Version: Any

cpe:2.3:a:open_newsletter:open_newsletter:*
Open Newsletter » Open Newsletter » Version: 2.0

cpe:2.3:a:open_newsletter:open_newsletter:2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-6785

Products

Pricing

Contact Us