Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-7188


Vulnerability Score 7.5 7.5
CVE Id CVE-2008-7188
Last Modified 10 Sep 2009 12:00:00
Published 09 Sep 2009 01:30:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



ClipShare 2.6 does not properly restrict access to certain functionality, which allows remote attackers to change the profile of arbitrary users via a modified uid variable to siteadmin/useredit.php. NOTE: this can be used to recover the password of the user by using the modified e-mail address in the email parameter to recoverpass.php.

Vulnerable Systems


  • Clip-share Clipshare 2.6


XF - clipshare-useredit-security-bypass(39494)

BID - 27148

MILW0RM - 4837

SECUNIA - 28313

Last Updated: 27 May 2016 10:49:30