CVE

Id
36864  
CVE No.
CVE-2008-6747  
Status
Candidate  
Description
dotProject before 2.1.2 does not properly restrict access to administrative pages, which allows remote attackers to gain privileges. NOTE: some of these details are obtained from third party information.  
Phase
Assigned (20090423)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
401404 36864 CVE-2008-6747 CONFIRM:http://sourceforge.net/project/shownotes.php?group_id=21656&release_id=616346  View
401405 36864 CVE-2008-6747 BID:29679  View
401406 36864 CVE-2008-6747 URL:http://www.securityfocus.com/bid/29679  View
401407 36864 CVE-2008-6747 OSVDB:46143  View
401408 36864 CVE-2008-6747 URL:http://osvdb.org/46143  View
401409 36864 CVE-2008-6747 SECUNIA:30470  View
401410 36864 CVE-2008-6747 URL:http://secunia.com/advisories/30470  View
401411 36864 CVE-2008-6747 XF:dotproject-adminpage-unauth-access(43019)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
44561 JVNDB-2009-005568 ReVou Micro Blogging 用の TClone プラグインにおける任意のコードを実行される脆弱性 ReVou Micro Blogging 用の Twitter Clone (TClone) プラグインの index.php は、ファイルをアップロードされることにより、任意のコードを実行される脆弱性が存在します。 CVE-2008-6751 36864 6.8 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-005568.html  View