CVE-2008-4167

useradmin.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 does not require administrative authentication, which allows remote attackers to (1) add or (2) remove an Administrator account.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 83%
VendorProductVersion
ezphotogalleryezphotogallery
2.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/31774
http://securityreason.com/securityalert/4282
http://www.securityfocus.com/bid/31161
https://exchange.xforce.ibmcloud.com/vulnerabilities/45119
https://www.exploit-db.com/exploits/6437
http://secunia.com/advisories/31774
http://securityreason.com/securityalert/4282
http://www.securityfocus.com/bid/31161
https://exchange.xforce.ibmcloud.com/vulnerabilities/45119
https://www.exploit-db.com/exploits/6437