CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-4180

Unspecified vulnerability in db.php in NooMS 1.1 allows remote attackers to conduct brute force attacks against passwords via a username in the g_dbuser parameter and a password in the g_dbpwd parameter, and possibly a "localhost" g_dbhost parameter value, related to a "Mysql Remote Brute Force Vulnerability."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 51.3%

CVSS Severity

CVSS v2 Score 5.0

References

http://securityreason.com/securityalert/4289
http://www.securityfocus.com/archive/1/496236/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/45076
http://securityreason.com/securityalert/4289
http://www.securityfocus.com/archive/1/496236/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/45076

Products affected by CVE-2008-4180

Nooms » Nooms » Version: 1.1

cpe:2.3:a:nooms:nooms:1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-4180

Products

Pricing

Contact Us