CVE-2001-1011
Published Jul 25, 2001
Last updated 7 years ago
Overview
- Description
- index2.php in Mambo Site Server 3.0.0 through 3.0.5 allows remote attackers to gain Mambo administrator privileges by setting the PHPSESSID parameter and providing the appropriate administrator information in other parameters.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mambo:mambo_site_server:3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "677FC209-BD49-4331-9723-DEDE4F8BC20D"
},
{
"criteria": "cpe:2.3:a:mambo:mambo_site_server:3.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "758CAFF4-10F3-49A6-98DA-B043F3E9EF12"
},
{
"criteria": "cpe:2.3:a:mambo:mambo_site_server:3.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2FE13A8C-F380-4925-AC25-A3980D52C7EC"
},
{
"criteria": "cpe:2.3:a:mambo:mambo_site_server:3.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E6E8B61B-0761-40FC-99FF-58BC8725FE05"
},
{
"criteria": "cpe:2.3:a:mambo:mambo_site_server:3.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B499138-1060-4FF5-B6B7-C6326CAF9411"
},
{
"criteria": "cpe:2.3:a:mambo:mambo_site_server:3.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "61F070B7-A0A3-43FD-8D9C-98798F1E8286"
}
],
"operator": "OR"
}
]
}
]