CVE-2008-0350

EUVD-2008-0360
admin/index.php in Evilsentinel 1.0.9 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to gain administrative privileges and make arbitrary configuration changes.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 89%
Affected Products (NVD)
VendorProductVersion
evilsentinelevilsentinel
𝑥
≤ 1.0.9
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://evilsentinel.altervista.org/forum/index.php?topic=49.0
http://secunia.com/advisories/28427
http://www.securityfocus.com/bid/27227
https://www.exploit-db.com/exploits/4884
http://evilsentinel.altervista.org/forum/index.php?topic=49.0
http://secunia.com/advisories/28427
http://www.securityfocus.com/bid/27227
https://www.exploit-db.com/exploits/4884