CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-2629

Leed (Light Feed), possibly before 1.5 Stable, allows remote attackers to bypass authorization via vectors related to the (1) importForm, (2) importFeed, (3) addFavorite, or (4) removeFavorite actions in action.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.7%

CVSS Severity

CVSS v2 Score 5.0

References

http://seclists.org/bugtraq/2013/Dec/107
http://www.csnc.ch/misc/files/advisories/CSNC-2013-005-006-007_Leed_Multiple_vulns.txt
http://seclists.org/bugtraq/2013/Dec/107
http://www.csnc.ch/misc/files/advisories/CSNC-2013-005-006-007_Leed_Multiple_vulns.txt

Products affected by CVE-2013-2629

Idleman » Leed » Version: 1.4

cpe:2.3:a:idleman:leed:1.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-2629

Products

Pricing

Contact Us