Vulnerability Details CVE-2007-4230
BellaBiblio allows remote attackers to gain administrative privileges via a bellabiblio cookie with the value "administrator." NOTE: this issue is disputed by CVE and multiple third parties because the cookie value must be an MD5 hash
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 76.5%
CVSS Severity
CVSS v2 Score 7.5
References
- http://osvdb.org/39032
- http://securityreason.com/securityalert/2991
- http://www.attrition.org/pipermail/vim/2007-July/001733.html
- http://www.attrition.org/pipermail/vim/2007-July/001736.html
- http://www.attrition.org/pipermail/vim/2007-July/001745.html
- http://www.securityfocus.com/archive/1/475103/100/0/threaded
- http://www.securityfocus.com/bid/25140
- http://osvdb.org/39032
- http://securityreason.com/securityalert/2991
- http://www.attrition.org/pipermail/vim/2007-July/001733.html
- http://www.attrition.org/pipermail/vim/2007-July/001736.html
- http://www.attrition.org/pipermail/vim/2007-July/001745.html
- http://www.securityfocus.com/archive/1/475103/100/0/threaded
- http://www.securityfocus.com/bid/25140
Products affected by CVE-2007-4230
-
cpe:2.3:a:jems_scripts:bellabiblio:*