CVE-2007-5441 in CMS Made Simpleinformación

Resumen (Inglés)

CMS Made Simple 1.1.3.1 does not check the permissions assigned to users in some situations, which allows remote authenticated users to perform some administrative actions, as demonstrated by (1) adding a user via a direct request to admin/adduser.php and (2) reading the admin log via an "admin/adminlog.php?page=1" request.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservar

2007-10-14

Divulgación

2007-10-14

Estado

Confirmado

Voces

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerabilidad	CWE	Exp	Con	CVE
39251	CMS Made Simple Administrative escalada de privilegios	264	No está definido	No está definido	CVE-2007-5441

Descripción

CPE

CWE

CVSS

Hazañas

Historia

Diferencia

Relacionar

Inteligencia de amenazas

API JSON

API XML

API CSV

Fuentes

MITRE
NVD
CVE Details

◂ AnteriorVisión De ConjuntoPróximo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!