Vulnerability Details CVE-2008-3451
PhpWebGallery 1.7.0 and 1.7.1 allows remote authenticated users with advisor privileges to obtain the real e-mail addresses of other users by editing the user's profile.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.7%
CVSS Severity
CVSS v2 Score 4.0
References
- http://bugs.phpwebgallery.net/view.php?id=769
- http://forum.phpwebgallery.net/viewtopic.php?id=13545
- http://secunia.com/advisories/31232
- http://www.openwall.com/lists/oss-security/2008/08/01/3
- http://www.securityfocus.com/bid/30431
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44101
- http://bugs.phpwebgallery.net/view.php?id=769
- http://forum.phpwebgallery.net/viewtopic.php?id=13545
- http://secunia.com/advisories/31232
- http://www.openwall.com/lists/oss-security/2008/08/01/3
- http://www.securityfocus.com/bid/30431
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44101
Products affected by CVE-2008-3451
-
cpe:2.3:a:phpwebgallery:phpwebgallery:1.7.0
-
cpe:2.3:a:phpwebgallery:phpwebgallery:1.7.1