CVE-2009-4851

{"id": "CVE-2009-4851", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-05-07T18:30:01.390", "references": [{"url": "http://secunia.com/advisories/37274", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2009/3256", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.xoops.org/modules/newbb/viewtopic.php?post_id=319132", "source": "cve@mitre.org"}, {"url": "http://www.xoops.org/modules/news/article.php?storyid=5096", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/37274", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2009/3256", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.xoops.org/modules/newbb/viewtopic.php?post_id=319132", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.xoops.org/modules/news/article.php?storyid=5096", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "The activation resend function in the Profiles module in XOOPS before 2.4.1 sends activation codes in response to arbitrary activation requests, which allows remote attackers to bypass administrative approval via a request involving activate.php."}, {"lang": "es", "value": "La funci\u00f3n de activaci\u00f3n de reenv\u00edo en el m\u00f3dulo Profiles en XOOPS anteriores a v2.4.1 env\u00eda c\u00f3digos de activaci\u00f3n en respuesta a peticiones de activaci\u00f3n de su elecci\u00f3n , lo que provoca que atacantes remotos eviten la aprobaci\u00f3n administrativa a trav\u00e9s de una petici\u00f3n que implique activate.php."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:xoops:xoops:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "371CEAFC-425E-4ED2-9B9D-759106C41F75", "versionEndIncluding": "2.4.0"}, {"criteria": "cpe:2.3:a:xoops:xoops:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC6A98F0-965F-4E73-AA6F-8803E1EF7660"}, {"criteria": "cpe:2.3:a:xoops:xoops:1.0_rc1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3355CD8B-9EF3-46CE-8DA3-FCF64B24F529"}, {"criteria": "cpe:2.3:a:xoops:xoops:1.0_rc3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFE4119C-E4A0-405F-AF9A-DAE023F79862"}, {"criteria": "cpe:2.3:a:xoops:xoops:1.0_rc3.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "348CD73F-6D2F-439B-9E15-6177895F27C6"}, {"criteria": "cpe:2.3:a:xoops:xoops:1.3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FAE8B49C-84BE-4339-909F-389D3C1FD1EC"}, {"criteria": "cpe:2.3:a:xoops:xoops:1.3.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6515D89E-A80A-4C9B-AABA-886DA748FC1D"}, {"criteria": "cpe:2.3:a:xoops:xoops:1.3.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0F5267A-F85F-4394-9427-592F9C09D53A"}, {"criteria": "cpe:2.3:a:xoops:xoops:1.3.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0BD944A1-902C-4031-80A5-61621CCA28A8"}, {"criteria": "cpe:2.3:a:xoops:xoops:1.3.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0764C095-72DA-4FAA-9A59-D192144872F8"}, {"criteria": "cpe:2.3:a:xoops:xoops:1.3.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21260A9E-32F8-4A95-A77B-34183F59C52F"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84C69533-CE11-4164-B558-D36B7B3582A8"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.0_rc1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE817D2B-A121-44B3-8455-82632A83DD5E"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.0_rc2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9D1966E-80CE-4BE1-8361-26EC1FA4D5A2"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.0_rc3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0FC239C-5401-4330-9F82-9C1791508C1C"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33E91D0D-42F6-4FAC-BD04-AA4D77C6DAD3"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "881DDA3C-4D95-471F-95BA-6C4629B3CB68"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E235D928-E2D9-46D3-B95F-C4AF556D3C01"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F0B5583-8489-4AF9-AD04-4A56AC244A59"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9AD25BC1-E435-4691-B42A-0D98D80F0F83"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F58A3E7-4C21-48FD-AA26-7CCE85BAE887"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.5_rc:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D31DA582-6404-4071-AD4B-41CBB9B03EE4"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26950415-06AF-4910-A881-121EA0B43058"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89CFFAD2-F511-431C-BF24-08CA810B4645"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9341BAF2-7C1E-4203-81B9-AA23F26A9A27"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D927720F-920C-4674-A69E-91CBE196AE03"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D8812215-7946-48B3-9CC2-1651B779A429"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "675A7068-CE9E-412A-8159-2A3820D6272E"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC857372-A76D-4F3D-9FEE-6086A0AB002C"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.9.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA2D117B-2800-462A-BA58-E71AED33EEFA"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08729570-512B-4B7E-A055-B8E312F41E86"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.10_rc:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF3A5F00-D84E-4D7F-A898-A1FC8F1A1D10"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "476872A3-838B-40B7-B180-2FE018EA9BE1"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E7B564C-A6D6-478E-924F-8D2F589A40BA"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.12a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0589935-681C-49BD-8987-2B9D4CFAEA47"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "136E70ED-B4B1-4CB6-AB38-7AFF08B966D6"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.13.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05BD8530-64CA-4528-BD17-DCF685DC6E21"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7292A887-F03B-4B9A-8C5D-3FC302F329D8"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6818F85B-6CFD-4B0D-9CA4-4721AEC799B5"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.14-rc1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D73E804-9CB5-406B-9DF6-4F74CC3984E2"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9F45FFF2-DAF0-4B81-BE64-B37BB49B224D"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C60358F-0A06-4148-B988-667ABB8C9D2C"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "482DD7B1-DF96-45A1-B8BC-613592D918E1"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.17.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4B461E6-2374-4E34-9AF1-B863B7579654"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "541822E2-B233-4128-902A-3A3ACFCC1EBC"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.0.18.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8CACFC0-2538-4D62-9061-2FBCF4C7AD6D"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52F540F2-E26A-4214-9796-358EF128C307"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.3.0_alpha_3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91B66578-C1BF-412B-B17D-55D1E3E67943"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.3.0_alpha1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F395B23-7786-4C41-8021-7686D24C0365"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.3.0_alpha2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "056402CF-C322-493A-895F-346AC4363089"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.3.0_beta:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8032BF0C-B892-41A4-B9A7-2B0B94BEC813"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.3.0_rc:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CB57CF5-9828-45A5-8A4C-CFB362FCAB5A"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.3.0_rc2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72A67E8B-B035-4091-955C-7910A423A744"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.3.0_rc3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA2FB08D-49AB-4225-872A-576724669AFC"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D1E3E73-430E-45D9-A4B9-60EE24C62EF9"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.3.1_rc:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B48642D-3BC0-4B37-B0AF-B0D7558BC593"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.3.2a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2507D4B9-B505-4DF0-B63B-47085F95376F"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.3.2b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0EC59872-ED60-46CF-AB86-E7AC7A7C4C61"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "149720D8-4C25-42ED-957D-179AD69C522A"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.4.0_beta_1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2EDF1868-2892-4CE2-B073-ED87628F6A4C"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.4.0_beta_2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0FA1918-45C2-4E2C-B9AE-1BFB350EABF9"}, {"criteria": "cpe:2.3:a:xoops:xoops:2.4.0_rc:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6DBD069-0290-4D65-9A75-F5A469B38932"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}