Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0589

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0589
Last Modified 05 Sep 2008 04:28:25
Published 18 Jun 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0589

Summary

PVote before 1.9 allows remote attackers to change the administrative password and gain privileges by directly calling ch_info.php with the newpass and confirm parameters both set to the new password.

Vulnerable Systems

Application

  • Steve Korbett Pvote 1.0

  • Steve Korbett Pvote 1.0a

  • Steve Korbett Pvote 1.0b

  • Steve Korbett Pvote 1.5


References

BID - 4541

XF - pvote-change-admin-password(8878)

CONFIRM - http://orbit-net.net:8001/php/pvote/

BUGTRAQ - 20020418 [[ TH 026 Inc. ]] SA #1 - Multiple vulnerabilities in PVote 1.5


Last Updated: 27 May 2016 10:36:59