CVE-2007-3591

{"id": "CVE-2007-3591", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-07-06T18:30:00.000", "references": [{"url": "http://osvdb.org/37819", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/25926", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://sourceforge.net/project/shownotes.php?release_id=520558&group_id=175118", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/24763", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35261", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/37819", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/25926", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://sourceforge.net/project/shownotes.php?release_id=520558&group_id=175118", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/24763", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35261", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Profile.php in Elite Bulletin Board before 1.0.10 allows remote attackers to modify profile information via unspecified vectors related to \"a remote form,\" probably related to direct requests and missing authorization checks."}, {"lang": "es", "value": "Vulnerabilidad sin especificar en el Profile.php del Elite Bulletin Board anetiror al 1.0.10 permite a atacantes remotos modificar la informaci\u00f3n del perfil a trav\u00e9s de vectores sin especificar, relacionado con un \"formulario remoto\" y probablemente relacionado con peticiones directas y con la p\u00e9rdida de controles de autorizaci\u00f3n."}], "lastModified": "2024-11-21T00:33:36.453", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:elite_bulletin_board:elite_bulletin_board:1.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F4F1C79-9C5C-4B8C-84E2-9E67320F581B"}, {"criteria": "cpe:2.3:a:elite_bulletin_board:elite_bulletin_board:1.0.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E412EA7-D786-49D5-9891-3504EDCC2D9A"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}