Vulnerability Details CVE-2008-4167
useradmin.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 does not require administrative authentication, which allows remote attackers to (1) add or (2) remove an Administrator account.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.047
EPSS Ranking 89.4%
CVSS Severity
CVSS v2 Score 6.4
References
- http://secunia.com/advisories/31774
- http://securityreason.com/securityalert/4282
- http://www.securityfocus.com/bid/31161
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45119
- https://www.exploit-db.com/exploits/6437
- http://secunia.com/advisories/31774
- http://securityreason.com/securityalert/4282
- http://www.securityfocus.com/bid/31161
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45119
- https://www.exploit-db.com/exploits/6437
Products affected by CVE-2008-4167
-
cpe:2.3:a:ezphotogallery:ezphotogallery:2.1