Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for revou by revou

    CVE-2008-6752 (GCVE-0-2008-6752)

    Vulnerability from nvd – Published: 2009-04-24 14:00 – Updated: 2024-08-07 11:41
    VLAI
    Summary
    adminlogin/password.php in the Twitter Clone (TClone) plugin for ReVou Micro Blogging does not verify the original password before changing passwords, which allows remote attackers to change the administrator's password and gain privileges via a direct request with modified newpass1 and newpass2 parameters in a Change operation.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/7523 exploitx_refsource_EXPLOIT-DB
    http://osvdb.org/51705 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/34851 vdb-entryx_refsource_BID
    http://secunia.com/advisories/33247 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2008-12-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T11:41:59.951Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "7523",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/7523"
              },
              {
                "name": "51705",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/51705"
              },
              {
                "name": "34851",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/34851"
              },
              {
                "name": "33247",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/33247"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-12-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "adminlogin/password.php in the Twitter Clone (TClone) plugin for ReVou Micro Blogging does not verify the original password before changing passwords, which allows remote attackers to change the administrator\u0027s password and gain privileges via a direct request with modified newpass1 and newpass2 parameters in a Change operation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "7523",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/7523"
            },
            {
              "name": "51705",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/51705"
            },
            {
              "name": "34851",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/34851"
            },
            {
              "name": "33247",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/33247"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-6752",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "adminlogin/password.php in the Twitter Clone (TClone) plugin for ReVou Micro Blogging does not verify the original password before changing passwords, which allows remote attackers to change the administrator\u0027s password and gain privileges via a direct request with modified newpass1 and newpass2 parameters in a Change operation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "7523",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/7523"
                },
                {
                  "name": "51705",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/51705"
                },
                {
                  "name": "34851",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/34851"
                },
                {
                  "name": "33247",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/33247"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-6752",
        "datePublished": "2009-04-24T14:00:00.000Z",
        "dateReserved": "2009-04-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T11:41:59.951Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-6752 (GCVE-0-2008-6752)

    Vulnerability from cvelistv5 – Published: 2009-04-24 14:00 – Updated: 2024-08-07 11:41
    VLAI
    Summary
    adminlogin/password.php in the Twitter Clone (TClone) plugin for ReVou Micro Blogging does not verify the original password before changing passwords, which allows remote attackers to change the administrator's password and gain privileges via a direct request with modified newpass1 and newpass2 parameters in a Change operation.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/7523 exploitx_refsource_EXPLOIT-DB
    http://osvdb.org/51705 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/34851 vdb-entryx_refsource_BID
    http://secunia.com/advisories/33247 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2008-12-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T11:41:59.951Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "7523",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/7523"
              },
              {
                "name": "51705",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/51705"
              },
              {
                "name": "34851",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/34851"
              },
              {
                "name": "33247",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/33247"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-12-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "adminlogin/password.php in the Twitter Clone (TClone) plugin for ReVou Micro Blogging does not verify the original password before changing passwords, which allows remote attackers to change the administrator\u0027s password and gain privileges via a direct request with modified newpass1 and newpass2 parameters in a Change operation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "7523",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/7523"
            },
            {
              "name": "51705",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/51705"
            },
            {
              "name": "34851",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/34851"
            },
            {
              "name": "33247",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/33247"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-6752",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "adminlogin/password.php in the Twitter Clone (TClone) plugin for ReVou Micro Blogging does not verify the original password before changing passwords, which allows remote attackers to change the administrator\u0027s password and gain privileges via a direct request with modified newpass1 and newpass2 parameters in a Change operation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "7523",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/7523"
                },
                {
                  "name": "51705",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/51705"
                },
                {
                  "name": "34851",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/34851"
                },
                {
                  "name": "33247",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/33247"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-6752",
        "datePublished": "2009-04-24T14:00:00.000Z",
        "dateReserved": "2009-04-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T11:41:59.951Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }