Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4167

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2008-4167
Last Modified 19 Aug 2009 01:19:30
Published 22 Sep 2008 02:34:16
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4167

Summary

useradmin.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 does not require administrative authentication, which allows remote attackers to (1) add or (2) remove an Administrator account.

Vulnerable Systems

Application

  • Ezphotogallery 2.1


References

XF - easyphotogallery-useradmin-security-bypass(45119)

BID - 31161

MILW0RM - 6437

SREASON - 4282

SECUNIA - 31774


Last Updated: 27 May 2016 10:48:24