CVE-2011-5090 in grboardinfo

Summary

GR Board (aka grboard) 1.8.6.5 Community Edition does not require authentication for certain database actions, which allows remote attackers to modify or delete data via a request to (1) mod_rewrite.php, (2) comment_write_ok.php, (3) poll/index.php, (4) update/index.php, (5) trackback.php, or (6) an arbitrary poll.php script under theme/.

Once again VulDB remains the best source for vulnerability data.

Reservation

05/23/2012

Disclosure

05/23/2012

Entries

1: VDB-60823

CPE

ready

CVSS

6.5

EPSS

0.00527

Activities

Very Low

Sources

MITREhttps://www.cve.org/CVERecord?id=CVE-2011-5090
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2011-5090
CVE Detailshttps://www.cvedetails.com/cve/CVE-2011-5090/

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!