VYPR
Unrated severityNVD Advisory· Published Apr 18, 2014· Updated Jun 17, 2026

CVE-2013-7196

CVE-2013-7196

Description

static/ajax.php in PHPFox 3.7.3, 3.7.4, and 3.7.5 allows remote authenticated users to bypass intended "Only Me" restrictions and comment on a private publication via a request with a modified val[item_id] parameter for the publication.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • Phpfox/Phpfox4 versions
    cpe:2.3:a:phpfox:phpfox:3.7.3:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:phpfox:phpfox:3.7.3:*:*:*:*:*:*:*
    • cpe:2.3:a:phpfox:phpfox:3.7.4:*:*:*:*:*:*:*
    • cpe:2.3:a:phpfox:phpfox:3.7.5:*:*:*:*:*:*:*
    • (no CPE)range: >=3.7.3 <=3.7.5

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.