CVE-2004-1567

Properties

Published:
30.12.2004
Updated:
20.10.2005
Patch available:
Severity:
High
CVSS vector:
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N) Approximated
Product:
Silent-Storm: Silent-Storm Portal
Silent-Storm: Silent-Storm Portal

Vulnerability description

profile.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to gain privileges by setting the mail parameter to 1, which is the value for an administrator.

References:

BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=109655763808924&w=2
BID: http://www.securityfocus.com/bid/11284
SECUNIA: http://secunia.com/advisories/12704
XF: http://xforce.iss.net/xforce/xfdb/17555
BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=109655763808924&w=2
SECTRACK: http://securitytracker.com/id?1011470