CVE-2004-0249 - PHPX Multiple Vulnerabilities

Publication

2004-11-23

Last modification

2017-07-11

Summary

PHPX 2.0 through 3.2.4 allows remote attackers to gain access to other accounts by modifying the cookie's PXL variable to reference another userID.

Risk level (CVSS AV:N/AC:L/Au:N/C:C/I:C/A:C)

High

10.0

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

Vendor Product Versions
Phpx Phpx  3.2.3

Related CVE

Date CVE Title CVSS
2004-11-23 CVE-2004-0248 PHPX Multiple Vulnerabilities Medium