CVE-2008-2134

The Journal module in Tru-Zone Nuke ET 3.x allows remote attackers to obtain access to arbitrary user accounts, and alter or delete data, via a modified username in an unspecified cookie.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 69%
VendorProductVersion
tru-zonenukeet
3.0
tru-zonenukeet
3.1
tru-zonenukeet
3.2
tru-zonenukeet
3.3
tru-zonenukeet
3.4
tru-zonenukeet
3.9
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/30061
http://truzone.org/modules.php?name=Forums&file=viewtopic&p=332746
http://www.mrzayas.es/2008/05/04/multiples-vulnerabilidades-en-nuket-3x/
http://www.securityfocus.com/bid/29080
https://exchange.xforce.ibmcloud.com/vulnerabilities/42239
http://secunia.com/advisories/30061
http://truzone.org/modules.php?name=Forums&file=viewtopic&p=332746
http://www.mrzayas.es/2008/05/04/multiples-vulnerabilidades-en-nuket-3x/
http://www.securityfocus.com/bid/29080
https://exchange.xforce.ibmcloud.com/vulnerabilities/42239