CVE-2009-4675 - OpenCVE

admin/admin_info/index.php in the Mole Group Gastro Portal (Restaurant Directory) Script does not require administrative authentication, which allows remote attackers to change the admin password via an unspecified form submission.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Mole-group	Gastro Portal \(restaurant Directory\) Script

Configuration 1 [-]

cpe:2.3:a:mole-group:gastro_portal_\(restaurant_directory\)_script:-:*:*:*:*:*:*:*

References

Link	Resource
http://www.exploit-db.com/exploits/8775
http://www.securityfocus.com/bid/35079
https://exchange.xforce.ibmcloud.com/vulnerabilities/50723

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2010-03-05T18:00:00

Updated: 2017-09-18T12:57:01

Reserved: 2010-03-05T00:00:00

Link: CVE-2009-4675

JSON object: View

NVD Information

Status : Modified

Published: 2010-03-05T18:30:00.673

Modified: 2017-09-19T01:30:01.750

Link: CVE-2009-4675

JSON object: View

Redhat Information

No data.

CWE

CWE-287

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-05-22T00:00:00", "descriptions": [{"lang": "en", "value": "admin/admin_info/index.php in the Mole Group Gastro Portal (Restaurant Directory) Script does not require administrative authentication, which allows remote attackers to change the admin password via an unspecified form submission."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-18T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "8775", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/8775"}, {"name": "restaurant-index-security-bypass(50723)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50723"}, {"name": "35079", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/35079"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-4675", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "admin/admin_info/index.php in the Mole Group Gastro Portal (Restaurant Directory) Script does not require administrative authentication, which allows remote attackers to change the admin password via an unspecified form submission."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "8775", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/8775"}, {"name": "restaurant-index-security-bypass(50723)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50723"}, {"name": "35079", "refsource": "BID", "url": "http://www.securityfocus.com/bid/35079"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-4675", "datePublished": "2010-03-05T18:00:00", "dateReserved": "2010-03-05T00:00:00", "dateUpdated": "2017-09-18T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}