Vulnerabilities > CVE-2007-0760 - Authentication Bypass vulnerability in Eqdkp 1.3.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
EQdkp 1.3.1 and earlier authenticates administrative requests by verifying that the HTTP Referer header specifies an admin/ URL, which allows remote attackers to read or modify account names and passwords via a spoofed Referer.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | EQdkp <= 1.3.1 (Referer Spoof) Remote Database Backup Vulnerability. CVE-2007-0760. Webapps exploit for php platform |
file | exploits/php/webapps/3252.txt |
id | EDB-ID:3252 |
last seen | 2016-01-31 |
modified | 2007-02-02 |
platform | php |
port | |
published | 2007-02-02 |
reporter | Eight10 |
source | https://www.exploit-db.com/download/3252/ |
title | EQdkp <= 1.3.1 Referer Spoof Remote Database Backup Vulnerability |
type | webapps |