Vulnerabilities > CVE-2009-0399 - Configuration vulnerability in Chipmunk Scripts Chipmunk Blogger

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

chipmunk-scripts

CWE-16

exploit available

NVD

Published: 2009-02-03

Updated: 2024-11-21

Summary

Chipmunk Blogger Script allows remote attackers to gain administrator privileges via a direct request to admin/reguser.php. NOTE: this is only a vulnerability when the administrator does not properly follow installation directions.

Vulnerable Configurations

Part	Description	Count
Application	Chipmunk_Scripts Chipmunk Scripts Chipmunk Blogger *	1

Common Weakness Enumeration (CWE)

CWE-16 - Configuration

Exploit-Db

description	Chipmunk Blog (Auth Bypass) Add Admin Exploit. CVE-2009-0399,CVE-2009-0403. Webapps exploit for php platform
file	exploits/php/webapps/7894.txt
id	EDB-ID:7894
last seen	2016-02-01
modified	2009-01-28
platform	php
port
published	2009-01-28
reporter	x0r
source	https://www.exploit-db.com/download/7894/
title	Chipmunk Blog Auth Bypass Add Admin Exploit
type	webapps

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Exploit-Db

References