mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
88 lines
2.4 KiB
JSON
88 lines
2.4 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "cve@mitre.org",
|
|
"ID" : "CVE-2008-7024",
|
|
"STATE" : "PUBLIC"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "n/a",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "admin.php in Arz Development The Gemini Portal 4.7 and earlier allows remote attackers to bypass authentication and gain administrator privileges by setting the user cookie to \"admin\" and setting the name parameter to \"users.\""
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"name" : "20080926 The Gemini Portal <= 4.7 / Insecure Cookie Handling Vulnerability",
|
|
"refsource" : "BUGTRAQ",
|
|
"url" : "http://www.securityfocus.com/archive/1/496761/100/0/threaded"
|
|
},
|
|
{
|
|
"name" : "6584",
|
|
"refsource" : "EXPLOIT-DB",
|
|
"url" : "https://www.exploit-db.com/exploits/6584"
|
|
},
|
|
{
|
|
"name" : "31429",
|
|
"refsource" : "BID",
|
|
"url" : "http://www.securityfocus.com/bid/31429"
|
|
},
|
|
{
|
|
"name" : "48639",
|
|
"refsource" : "OSVDB",
|
|
"url" : "http://osvdb.org/48639"
|
|
},
|
|
{
|
|
"name" : "32057",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/32057"
|
|
},
|
|
{
|
|
"name" : "geminiportal-admin-security-bypass(45439)",
|
|
"refsource" : "XF",
|
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/45439"
|
|
}
|
|
]
|
|
}
|
|
}
|