CVE-2008-7188

Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 09/09/2009 Updated: 29/09/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

ClipShare 2.6 does not properly restrict access to certain functionality, which allows remote malicious users to change the profile of arbitrary users via a modified uid variable to siteadmin/useredit.php. NOTE: this can be used to recover the password of the user by using the modified e-mail address in the email parameter to recoverpass.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
clip-share clipshare 2.6

#!/usr/bin/perl -w #priv8 #Pr0metheuS #Exploit Name: Clipshare Remote User Password Change Exploit #Version Script: Clipshare 26 #Dork: "Powered by Clipshare" #EnjoY print "-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-"; print "\nClipshare 26 Remote User Passord Change Exploit\n"; print "\nBy Pr0metheuS \n"; print "-=-=-=-=-=-=-=-=-=-=-=-=-=-=- ...

CWE-264 http://secunia.com/advisories/28313 http://www.securityfocus.com/bid/27148 https://exchange.xforce.ibmcloud.com/vulnerabilities/39494 https://www.exploit-db.com/exploits/4837 https://nvd.nist.gov https://www.exploit-db.com/exploits/4837/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-7188

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect