Vulnerability Details : CVE-2007-0652
Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag.
Vulnerability category: Cross-site request forgery (CSRF)
Products affected by CVE-2007-0652
- cpe:2.3:a:mailenable:mailenable_professional:1.52:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.17:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.18:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.19:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.2a:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.51:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.53:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.54:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.6:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.7:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.72:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.73:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.0.007:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.0.008:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.0.016:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.0.017:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.106:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.107:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.114:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.115:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.0.005:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.0.006:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.0.013:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.0.014:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.0.015:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.104:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.105:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.112:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.113:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.16:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.0.009:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.0.010:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.101:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.108:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.109:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.116:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.12:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.0.004:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.0.011:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.0.012:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.102:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.103:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.110:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.111:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.13:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.14:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.15:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.82:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:2.33:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.84:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:2.32:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:1.83:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:2.34:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:2.35:*:*:*:*:*:*:*
- cpe:2.3:a:mailenable:mailenable_professional:2.351:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-0652
1.29%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 86 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-0652
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.1
|
MEDIUM | AV:N/AC:H/Au:N/C:P/I:P/A:P |
4.9
|
6.4
|
NIST |
References for CVE-2007-0652
Jump to