Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php.
2007-02-21T17:28:00.000
2025-04-09T00:30:58.490
Deferred
CVSSv2: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | apple | mac_os_x | 10.4.9 | No |
| Operating System | hp | hp-ux | * | No |
| Operating System | hp | tru64 | 5.1b_pk2_bl22 | No |
| Operating System | ibm | aix | * | No |
| Operating System | ibm | os2 | * | No |
| Operating System | linux | linux_kernel | * | No |
| Operating System | microsoft | windows_2000 | * | No |
| Operating System | microsoft | windows_2003_server | sp2 | No |
| Operating System | microsoft | windows_95 | * | No |
| Operating System | microsoft | windows_98 | * | No |
| Operating System | microsoft | windows_98se | * | No |
| Operating System | microsoft | windows_me | * | No |
| Operating System | microsoft | windows_nt | 4.0 | No |
| Operating System | microsoft | windows_xp | * | No |
| Operating System | santa_cruz_operation | sco_unix | * | No |
| Operating System | sun | solaris | * | No |
| Operating System | windriver | bsdos | * | No |
| Application | ezboo | webstats | 3.0.3 | Yes |