CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-3938

Cross-site request forgery (CSRF) vulnerability in user_admin.php in Open Media Collectors Database (OpenDb) 1.0.6 allows remote attackers to change arbitrary passwords via an update_password action.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.2%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 5.8

References

http://packetstorm.linuxsecurity.com/0808-exploits/omcd-xssxsrf.txt
http://secunia.com/advisories/31719
http://packetstorm.linuxsecurity.com/0808-exploits/omcd-xssxsrf.txt
http://secunia.com/advisories/31719

Products affected by CVE-2008-3938

Opendb » Opendb » Version: 1.0.6

cpe:2.3:a:opendb:opendb:1.0.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-3938

Products

Pricing

Contact Us