Vulnerabilities > CVE-2007-4637 - Denial-Of-Service vulnerability in XGB 2.0

CVSS 6.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

xgb

exploit available

NVD

Published: 2007-08-31

Updated: 2017-09-29

Summary

xGB.php in xGB 2.0 does not require authentication for an admin edit action, which allows remote attackers to make unspecified changes via an unknown series of steps.

Vulnerable Configurations

Part	Description	Count
Application	Xgb XGB XGB 2.0	1

Exploit-Db

description	xGB 2.0 (xGB.php) Remote Permission Bypass Vulnerability. CVE-2007-4637. Webapps exploit for php platform
file	exploits/php/webapps/4336.txt
id	EDB-ID:4336
last seen	2016-01-31
modified	2007-08-29
platform	php
port
published	2007-08-29
reporter	DarkFuneral
source	https://www.exploit-db.com/download/4336/
title	xGB 2.0 xGB.php Remote Permission Bypass Vulnerability
type	webapps

References

https://www.exploit-db.com/exploits/4336