CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Yazd: >> Yazd Discussion Forum Security Vulnerabilities

CVE-2006-5729

Yazd Discussion Forum before 3.0 beta does not properly manage forum permissions, which allows remote authenticated users to (1) reply to a message in an arbitrary forum, if authorized to create a message in any forum; and (2) perform certain unauthorized forum actions, related to an "error in how the permissions were assembled" that assigns extra permissions to users.

CVSS Score

6.5

EPSS Score

0.006

Published

2006-11-06

Page 1

Vulnerabilities

Vulnerable Software

Yazd: >> Yazd Discussion Forum Security Vulnerabilities

Products

Pricing

Contact Us