CVE: Common Vulnerabilities and Exposures

Required CVE Record Information

Description

static/ajax.php in PHPFox 3.7.3, 3.7.4, and 3.7.5 allows remote authenticated users to bypass intended "Only Me" restrictions and comment on a private publication via a request with a modified val[item_id] parameter for the publication.

Product Status

Learn more

Information not provided

References 3 Total

exchange.xforce.ibmcloud.com: phpfox-cve20137196-sec-bypass(92336)
external site
vdb-entry
securityfocus.com: 66677
external site
vdb-entry
securityfocus.com: 20140405 Vulnerability in PHPFox v3.7.3, v3.7.4 and v3.7.5 all build [ CVE-2013-7195, CVE-2013-7196 ]
external site
mailing-list

Updated: 2024-08-06

This container includes required additional information provided by the CVE Program for this vulnerability.

References 3 Total

exchange.xforce.ibmcloud.com: phpfox-cve20137196-sec-bypass(92336)
external site
vdb-entryx_transferred
securityfocus.com: 66677
external site
vdb-entryx_transferred
securityfocus.com: 20140405 Vulnerability in PHPFox v3.7.3, v3.7.4 and v3.7.5 all build [ CVE-2013-7195, CVE-2013-7196 ]
external site
mailing-listx_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: MITRE Corporation

Description

Product Status

References 3 Total

CVE Program

References 3 Total