NVD

Id
55761  
Name
CVE-2007-3611  
Description
admin.php in VRNews 1.1.1, and possibly other 1.x versions, does not require authentication, which allows remote attackers to perform certain administrative actions via a direct request with a (1) edit, (2) add, (3) config, or (4) del value in the act parameter.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2007-07-06  
Modified Date
2008-11-15  
Seq
2007-3611  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
283509 55761 CVE-2007-3611 4150  View
283510 55761 CVE-2007-3611 vrnews-admin-security-bypass(35271)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
57137 JVNDB-2007-005829 VRNews の admin.php における特定の管理者操作を実行される脆弱性 VRNews の admin.php は、認証を必要としないため、特定の管理者操作を実行される脆弱性が存在します。 CVE-2007-3611 26966 CVE-2007-3611 55761 9.3 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-005829.html 2007-07-06 2012-12-20 View