CVE-2009-4467

EUVD-2009-4434
misc.php in DeluxeBB 1.3 allows remote attackers to register accounts without a valid email address via a valemail action with the valmem set to a pre-assigned user ID, which is visible from a memberlist action.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 74%
Affected Products (NVD)
VendorProductVersion
deluxebbdeluxebb
1.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.exploit-db.com/exploits/10598
http://www.securityfocus.com/bid/37448
https://exchange.xforce.ibmcloud.com/vulnerabilities/54979
http://www.exploit-db.com/exploits/10598
http://www.securityfocus.com/bid/37448
https://exchange.xforce.ibmcloud.com/vulnerabilities/54979