ID CVE-2004-1567
Summary profile.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to gain privileges by setting the mail parameter to 1, which is the value for an administrator.
References
Vulnerable Configurations
  • cpe:2.3:a:silent-storm:silent-storm_portal:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:silent-storm:silent-storm_portal:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:silent-storm:silent-storm_portal:2.2:*:*:*:*:*:*:*
    cpe:2.3:a:silent-storm:silent-storm_portal:2.2:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 11-07-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 11284
bugtraq 20040930 Multiple Vulnerabilities in Silent Storm Portal
sectrack 1011470
secunia 12704
xf silent-storm-gain-admin(17555)
Last major update 11-07-2017 - 01:31
Published 31-12-2004 - 05:00
Back to Top