oj.cgi in OpenJournal 2.0 through 2.0.5 allows remote attackers to bypass authentication and access the control panel via a 0 in the uid parameter.
Threat-Mapped Scoring
Score: 0.0
Priority: Unclassified
EPSS
Score: 0.04554
Percentile:
0.88726
CVSS Scoring
CVSS v2 Score: 10.0
Severity:
Affected Products
- cpe:2.3:a:openjournal:openjournal:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:openjournal:openjournal:2.0_1:*:*:*:*:*:*:*
- cpe:2.3:a:openjournal:openjournal:2.0_2:*:*:*:*:*:*:*
- cpe:2.3:a:openjournal:openjournal:2.0_3:*:*:*:*:*:*:*
- cpe:2.3:a:openjournal:openjournal:2.0_4:*:*:*:*:*:*:*
- cpe:2.3:a:openjournal:openjournal:2.0_5:*:*:*:*:*:*:*
← Back to Home