CVE-2009-4874
published 2010-05-26CVE-2009-4874: TalkBack 2.3.14 does not properly restrict access to the edit comment feature (comments.php), which allows remote attackers to modify comments.
PriorityP342medium6.4CVSS 2.0
AVNACLAuNCPIPAN
EXPLOIT
EPSS
2.60%
83.4th percentile
TalkBack 2.3.14 does not properly restrict access to the edit comment feature (comments.php), which allows remote attackers to modify comments.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| scripts.oldguy | talkback | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://osvdb.org/55745http://secunia.com/advisories/35735http://www.exploit-db.com/exploits/9095http://www.juniper.net/security/auto/vulnerabilities/vuln35619.htmlhttp://www.packetstormsecurity.org/0907-exploits/talkback-lfiexec.txthttp://www.securityfocus.com/bid/35619http://osvdb.org/55745http://secunia.com/advisories/35735http://www.exploit-db.com/exploits/9095http://www.juniper.net/security/auto/vulnerabilities/vuln35619.htmlhttp://www.packetstormsecurity.org/0907-exploits/talkback-lfiexec.txthttp://www.securityfocus.com/bid/35619
2010-05-26
Published