Vulnerability Description
Gallarific does not require authentication for (1) users.php and (2) index.php, which allows remote attackers to add and edit tasks via a direct request. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gallarific | Gallarific | All versions |
Related Weaknesses (CWE)
References
- http://downloads.securityfocus.com/vulnerabilities/exploits/28163.htmlExploit
- http://secunia.com/advisories/29399Vendor Advisory
- http://www.securityfocus.com/bid/28163Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41106
- https://lists.apache.org/thread.html/r02c2d634fa74209d941c90f9a4cd36a6f12366ca65
- https://lists.apache.org/thread.html/rf482c101a88445d73cc2e89dbf7f16ae00a4aa79a5
- http://downloads.securityfocus.com/vulnerabilities/exploits/28163.htmlExploit
- http://secunia.com/advisories/29399Vendor Advisory
- http://www.securityfocus.com/bid/28163Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41106
- https://lists.apache.org/thread.html/r02c2d634fa74209d941c90f9a4cd36a6f12366ca65
- https://lists.apache.org/thread.html/rf482c101a88445d73cc2e89dbf7f16ae00a4aa79a5
FAQ
What is CVE-2008-1327?
CVE-2008-1327 is a vulnerability with a CVSS score of 7.5 (HIGH). Gallarific does not require authentication for (1) users.php and (2) index.php, which allows remote attackers to add and edit tasks via a direct request. NOTE: the provenance of this information is u...
How severe is CVE-2008-1327?
CVE-2008-1327 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-1327?
Check the references section above for vendor advisories and patch information. Affected products include: Gallarific Gallarific.