Published: 29/11/2009 Updated: 17/08/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 510

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

telepark.wiki 2.4.23 and previous versions allows remote malicious users to bypass authorization and (1) delete arbitrary pages via a modified pageID parameter to ajax/deletePage.php or (2) delete arbitrary comments via a modified pageID parameter to ajax/deleteComment.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
telepark telepark.wiki 2.4.23

Abysssec Inc Public Advisory Title : Telepark Wiki Multiple Remote Vulnerabilities Affected Version : <= v2423 Vendor Site : wwwteamtodocom Discovery : wwwAbyssseccom Vendor contact : 8 november Vendor response : 9 november (patch is available in vendor website) Description : now vendor patched all vulnerabities and you ca ...

# # [+] Vulnerability : ProShow Gold 4 BOF # [+] Detected by : Bkis - blogbkiscom/?p=737 # [*] Sploit coded by : corelanc0d3r (corelanc0d3r[at]gmail[dot]com) # [*] Sploit coded on : August 20, 2009 # [*] Type : local # [*] OS : Windows # [*] Product : Photodex ProShow Gold # [*] Versions ...

CWE-287 http://packetstormsecurity.org/0911-exploits/Telepark-fixes-nov09-2.txt http://blog.telepark.com/telepark-web-software/2009/11/09/telepark-wiki-security-fixes/http://www.osvdb.org/60215 http://www.osvdb.org/60214 http://secunia.com/advisories/37391 http://www.exploit-db.com/exploits/9483 https://exchange.xforce.ibmcloud.com/vulnerabilities/54329 https://nvd.nist.gov https://www.exploit-db.com/exploits/10101/

CVE-2009-4089

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect