Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3451

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2008-3451
Last Modified 05 Sep 2008 05:43:07
Published 04 Aug 2008 03:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-3451

Summary

PhpWebGallery 1.7.0 and 1.7.1 allows remote authenticated users with advisor privileges to obtain the real e-mail addresses of other users by editing the user's profile.

Vulnerable Systems

Application

  • Phpwebgallery 1.7.0

  • Phpwebgallery 1.7.1


References

BID - 30431

XF - phpwebgallery-adviser-info-disclosure(44101)

MLIST - [oss-security] 20080801 Re: CVE request: phpwebgallery < 1.7.2

SECUNIA - 31232

CONFIRM - http://forum.phpwebgallery.net/viewtopic.php?id=13545

MISC - http://bugs.phpwebgallery.net/view.php?id=769


Last Updated: 27 May 2016 10:48:12