PT-2009-3445 · Celerbb · Celerbb

Drosophila

Publicado

2009-03-09

Atualizado

2018-10-10

CVE-2009-0853

CVSS v2.0

6.8

Média

Vetor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions CelerBB version 0.0.2

Description The issue allows remote attackers to bypass authentication and obtain administrative access. This is achieved by using special characters in the Username parameter. For example, an attacker could use a value like 'admin'# for the Username parameter to exploit this issue.

Recommendations For CelerBB version 0.0.2, consider disabling the login functionality until a patch is available, or restrict access to the login.php file to minimize the risk of exploitation. Avoid using special characters in the Username parameter until the issue is resolved.

Exploit

Correção

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-287

Identificadores relacionados

CVE-2009-0853

Produtos afetados

Celerbb

PT-2009-3445 · Celerbb · Celerbb

CVE-2009-0853

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4