CVE-2007-1043

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2007-1043
Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://forums.avenir-geopolitique.net/viewtopic.php?t=2674 Exploit Vendor Advisory
http://osvdb.org/34181
http://securityreason.com/securityalert/2275
http://www.securityfocus.com/archive/1/460325/100/0/threaded
http://www.securityfocus.com/bid/22590
https://exchange.xforce.ibmcloud.com/vulnerabilities/32563
http://forums.avenir-geopolitique.net/viewtopic.php?t=2674 Exploit Vendor Advisory
http://osvdb.org/34181
http://securityreason.com/securityalert/2275
http://www.securityfocus.com/archive/1/460325/100/0/threaded
http://www.securityfocus.com/bid/22590
https://exchange.xforce.ibmcloud.com/vulnerabilities/32563
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:tru64:5.1b_pk2_bl22:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*
cpe:2.3:o:ibm:os2:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_95:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*
cpe:2.3:o:santa_cruz_operation:sco_unix:*:*:*:*:*:*:*:*
cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*
cpe:2.3:o:windriver:bsdos:*:*:*:*:*:*:*:*
cpe:2.3:a:ezboo:webstats:3.0.3:*:*:*:*:*:*:*
History

No history.

Information

Published : 2007-02-21 17:28

Updated : 2025-04-09 00:30

NVD link : CVE-2007-1043

Mitre link : CVE-2007-1043

CVE.ORG link : CVE-2007-1043

JSON object : View

Products Affected

ibm

  • os2
  • aix

santa_cruz_operation

  • sco_unix

microsoft

  • windows_98se
  • windows_me
  • windows_2003_server
  • windows_98
  • windows_nt
  • windows_xp
  • windows_2000
  • windows_95

sun

  • solaris

ezboo

  • webstats

windriver

  • bsdos

apple

  • mac_os_x

hp

  • hp-ux
  • tru64

linux

  • linux_kernel
CWE
NVD-CWE-Other