Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2008-6473

_blogadata/include/init_pass2.php in Blogator-script 0.95 allows remote attackers to change the password for arbitrary users via a modified "a" parameter with a "%" wildcard symbol in the b parameter.

  • Published: Mar 16, 2009
  • Updated: Apr 13, 2023
  • CVE: CVE-2008-6473
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.4
  • AV:N/AC:L/Au:N/C:N/I:P/A:P

CWEs:

Software From Fixed in
blogator-script / blogator-script 0.95 0.95.x