Vulnerabilities > CVE-2009-3180 - Credentials Management vulnerability in Anantasoft Gazelle CMS 1.0

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
anantasoft
CWE-255
exploit available
NVD
Published: 2009-09-11
Updated: 2024-11-21

Summary

Anantasoft Gazelle CMS 1.0 allows remote attackers to conduct a password reset for other users via a modified user parameter to renew.php.

Vulnerable Configurations

Part Description Count
Application
Anantasoft
1

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionGazelle CMS 1.0 Multiple Vulnerabilities / RCE Exploit. CVE-2009-3167,CVE-2009-3171,CVE-2009-3180,CVE-2009-3181,CVE-2009-3182. Webapps exploit for php platform
fileexploits/php/webapps/9425.sh
idEDB-ID:9425
last seen2016-02-01
modified2009-08-12
platformphp
port
published2009-08-12
reporterIHTeam
sourcehttps://www.exploit-db.com/download/9425/
titleGazelle CMS 1.0 - Multiple Vulnerabilities / RCE Exploit
typewebapps

References