Max CVSS | 5.5 | Min CVSS | 5.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2013-7196 | 5.5 |
static/ajax.php in PHPFox 3.7.3, 3.7.4, and 3.7.5 allows remote authenticated users to bypass intended "Only Me" restrictions and comment on a private publication via a request with a modified val[item_id] parameter for the publication.
|
09-10-2018 - 19:35 | 18-04-2014 - 22:14 | |
CVE-2013-7195 | 5.5 |
PHPFox 3.7.3 and 3.7.4 allows remote authenticated users to bypass intended "Only Me" restrictions and "like" a publication via a request that specifies the ID for the publication.
|
09-10-2018 - 19:35 | 18-04-2014 - 22:14 |