CVE-2008-0736
MEDIUM—CVSS v3
5.0CVSS v2
9.82%
EPSS (exploit probability)
CWE-200CWE
Description
admin/SA_shipFedExMeter.asp in CandyPress (CP) 4.1.1.26, and possibly other 4.x and 3.x versions, allows remote attackers to obtain the path via a certain value of the FedExAccount parameter.
Affected routers (1)
| Vendor | Model | Matched via | Affected versions | Fixed in | Patch Status |
|---|---|---|---|---|---|
| Ubiquiti | Ubiquiti EdgeRouter 4 | — |
— | — | Unpatched |