Vulnerabilities > CVE-2009-3180 - Credentials Management vulnerability in Anantasoft Gazelle CMS 1.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Anantasoft Gazelle CMS 1.0 allows remote attackers to conduct a password reset for other users via a modified user parameter to renew.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
description | Gazelle CMS 1.0 Multiple Vulnerabilities / RCE Exploit. CVE-2009-3167,CVE-2009-3171,CVE-2009-3180,CVE-2009-3181,CVE-2009-3182. Webapps exploit for php platform |
file | exploits/php/webapps/9425.sh |
id | EDB-ID:9425 |
last seen | 2016-02-01 |
modified | 2009-08-12 |
platform | php |
port | |
published | 2009-08-12 |
reporter | IHTeam |
source | https://www.exploit-db.com/download/9425/ |
title | Gazelle CMS 1.0 - Multiple Vulnerabilities / RCE Exploit |
type | webapps |