Vulnerability Details CVE-2008-0350
admin/index.php in Evilsentinel 1.0.9 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to gain administrative privileges and make arbitrary configuration changes.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.028
EPSS Ranking 85.6%
CVSS Severity
CVSS v2 Score 7.5
References
- http://evilsentinel.altervista.org/forum/index.php?topic=49.0
- http://secunia.com/advisories/28427
- http://www.securityfocus.com/bid/27227
- https://www.exploit-db.com/exploits/4884
- http://evilsentinel.altervista.org/forum/index.php?topic=49.0
- http://secunia.com/advisories/28427
- http://www.securityfocus.com/bid/27227
- https://www.exploit-db.com/exploits/4884
Products affected by CVE-2008-0350
-
cpe:2.3:a:evilsentinel:evilsentinel:*