NVD

Id
11350  
Name
CVE-2011-5090  
Description
GR Board (aka grboard) 1.8.6.5 Community Edition does not require authentication for certain database actions, which allows remote attackers to modify or delete data via a request to (1) mod_rewrite.php, (2) comment_write_ok.php, (3) poll/index.php, (4) update/index.php, (5) trackback.php, or (6) an arbitrary poll.php script under theme/.  
Reject
 
CVSS Version
2  
CVSS Score
6.4  
Severity
Medium  
CVSS Base Score
6.4  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:P/A:P)  
Pub Date
2017-01-07  
Published
2012-05-23  
Modified Date
2012-08-18  
Seq
2011-5090  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
62663 11350 CVE-2011-5090 http://sirini.net/grboard/board.php?id=developer&articleNo=591  View
62664 11350 CVE-2011-5090 grboard-security-bypass(75856)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
26808 JVNDB-2012-002515 GR Board におけるデータを変更または削除される脆弱性 GR Board は、特定のデータベースアクションに対して認証を要求しないため、データを変更される、または削除される脆弱性が存在します。 CVE-2011-5090 52997 CVE-2011-5090 11350 6.4 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002515.html 2012-05-24 2012-05-25 View