VYPR
Unrated severityNVD Advisory· Published Nov 5, 2007· Updated Jun 16, 2026

CVE-2007-5835

CVE-2007-5835

Description

Install.php in BosDev BosNews 4 and 5 does not require authentication for replacing an existing product installation or creating a new admin account, which allows remote attackers to cause a denial of service (overwritten files) and possibly obtain administrative access.

Affected products

3
  • Bosdev/Bosnews3 versions
    cpe:2.3:a:bosdev:bosnews:4:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:bosdev:bosnews:4:*:*:*:*:*:*:*
    • cpe:2.3:a:bosdev:bosnews:5:*:*:*:*:*:*:*
    • (no CPE)range: 4 and 5

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.