CVE-2008-5673

EUVD-2008-5644
PHParanoid before 0.4 does not properly restrict access to the members area by unauthenticated users, which has unknown impact and remote attack vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 52%
Affected Products (NVD)
VendorProductVersion
phparanoidphparanoid
𝑥
≤ 0.3
phparanoidphparanoid
0.1
phparanoidphparanoid
0.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/28847
http://sourceforge.net/project/shownotes.php?release_id=575358
https://exchange.xforce.ibmcloud.com/vulnerabilities/40516
http://secunia.com/advisories/28847
http://sourceforge.net/project/shownotes.php?release_id=575358
https://exchange.xforce.ibmcloud.com/vulnerabilities/40516