Vulnerabilities > CVE-2007-0516 - Remote Security vulnerability in Yana Framework

CVSS 4.9 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

SINGLE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

yana-framework

NVD

Published: 2007-01-26

Updated: 2017-07-29

Summary

Yana Framework before 2.8.5a allows remote authenticated users with permissions to modify a guestbook profile to modify or delete arbitrary guestbook profiles via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Configurations

Part	Description	Count
Application	Yana_Framework Yana Framework Yana Framework 2.8 Yana Framework Yana Framework 2.8.1 Yana Framework Yana Framework 2.8.2A Yana Framework Yana Framework 2.8.3A Yana Framework Yana Framework *	5

References

http://all-community.de/pub/pages/changes.php?language=en
http://secunia.com/advisories/23855
http://www.osvdb.org/31615
https://exchange.xforce.ibmcloud.com/vulnerabilities/31671