CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-4657

The administrator package for Xerver 4.32 does not require authentication, which allows remote attackers to alter application settings by connecting to the application on port 32123, as demonstrated by setting the action option to wizardStep1.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.014

EPSS Ranking 79.7%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.exploit-db.com/exploits/9717
http://www.securityfocus.com/bid/36454
http://www.exploit-db.com/exploits/9717
http://www.securityfocus.com/bid/36454

Products affected by CVE-2009-4657

Omidrouhani » Xerver » Version: 4.32

cpe:2.3:a:omidrouhani:xerver:4.32

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-4657

Products

Pricing

Contact Us