Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2080


Vulnerability Score 7.5 7.5
CVE Id CVE-2009-2080
Last Modified 17 Jun 2009 12:00:00
Published 16 Jun 2009 03:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



admin.php in MRCGIGUY The Ticket System 2.0 does not properly restrict access, which allows remote attackers to (1) obtain sensitive configuration information via the editconfig action or (2) change the administrator's password via the id parameter in an editop action.

Vulnerable Systems


  • Mrcgiguy The Ticket System 2.0


XF - ticketsystem-admin-security-bypass(51029)

MILW0RM - 8917

SECUNIA - 35350

Last Updated: 27 May 2016 10:50:46