CVE-2007-2372 - Vulnerability Details - OpenCVE

admin/send_mod.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier prints a Location header but does not exit when administrative credentials are missing, which allows remote attackers to compose an e-mail message via a post with the subject, message, format, and list_id fields; and send the message via a direct request for the MsgId value under admin/.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gregory Kokanosky	Phpmynewsletter

Configuration 1 [-]

cpe:2.3:a:gregory_kokanosky:phpmynewsletter:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/23342
https://www.exploit-db.com/exploits/3671

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-04-30T23:00:00

Updated: 2024-08-07T13:33:28.627Z

Reserved: 2007-04-30T00:00:00

Link: CVE-2007-2372

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-04-30T23:19:00.000

Modified: 2024-11-21T00:30:37.467

Link: CVE-2007-2372

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-04-05T00:00:00", "descriptions": [{"lang": "en", "value": "admin/send_mod.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier prints a Location header but does not exit when administrative credentials are missing, which allows remote attackers to compose an e-mail message via a post with the subject, message, format, and list_id fields; and send the message via a direct request for the MsgId value under admin/."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "23342", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/23342"}, {"name": "3671", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/3671"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-2372", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "admin/send_mod.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier prints a Location header but does not exit when administrative credentials are missing, which allows remote attackers to compose an e-mail message via a post with the subject, message, format, and list_id fields; and send the message via a direct request for the MsgId value under admin/."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "23342", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23342"}, {"name": "3671", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/3671"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T13:33:28.627Z"}, "title": "CVE Program Container", "references": [{"name": "23342", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/23342"}, {"name": "3671", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/3671"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-2372", "datePublished": "2007-04-30T23:00:00", "dateReserved": "2007-04-30T00:00:00", "dateUpdated": "2024-08-07T13:33:28.627Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gregory_kokanosky:phpmynewsletter:*:*:*:*:*:*:*:*", "matchCriteriaId": "D741E39E-074C-4BFF-B379-2A3BC48443F6", "versionEndIncluding": "0.8_beta_5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "admin/send_mod.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier prints a Location header but does not exit when administrative credentials are missing, which allows remote attackers to compose an e-mail message via a post with the subject, message, format, and list_id fields; and send the message via a direct request for the MsgId value under admin/."}, {"lang": "es", "value": "admin/send_mod.php en Gregory Kokanosky phpMyNewsletter 0.8 beta5 y anteriores escribe una cabecera Location pero no termina cuando faltan las credenciales administrativas, lo cual permite a atacantes remotos componer un mensaje de correo electr\u00f3nico mediante una petici\u00f3n POST con los campos subject, message, format, y list_id; y enviar el mensaje mediante una petici\u00f3n directa del valor MsgId bajo admin/."}], "id": "CVE-2007-2372", "lastModified": "2024-11-21T00:30:37.467", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-04-30T23:19:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/23342"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/3671"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/23342"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/3671"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}