NVD

Id
64304  
Name
CVE-2006-5729  
Description
Yazd Discussion Forum before 3.0 beta does not properly manage forum permissions, which allows remote authenticated users to (1) reply to a message in an arbitrary forum, if authorized to create a message in any forum; and (2) perform certain unauthorized forum actions, related to an "error in how the permissions were assembled" that assigns extra permissions to users.  
Reject
 
CVSS Version
2  
CVSS Score
6.5  
Severity
Medium  
CVSS Base Score
6.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:P/I:P/A:P)  
Pub Date
2016-12-20  
Published
2006-11-06  
Modified Date
2008-09-05  
Seq
2006-5729  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
335397 64304 CVE-2006-5729 http://sourceforge.net/project/shownotes.php?group_id=39239&release_id=460547  View
335398 64304 CVE-2006-5729 20889  View
335399 64304 CVE-2006-5729 yazd-unspecified-security-bypass(29994)  View
335400 64304 CVE-2006-5729 yazd-messages-security-bypass(29996)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
61141 JVNDB-2006-003407 Yazd Discussion Forum における任意のフォーラム内へメッセージを返信される脆弱性 Yazd Discussion Forum は、フォーラムのパーミションを適切に管理しない、およびユーザへ追加パーミションを割り当てる "パーミションの組み立て方のエラー" の不備があるため、以下の脆弱性が存在します。 CVE-2006-5729 21831 CVE-2006-5729 64304 6.5 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-003407.html 2006-11-06 2012-12-20 View