CVE-2011-5253
thegr dl 0.3-0.9 - Unauthenticated Arbitrary User Login via Authorization Header
Title source: llmDescription
Dl Download Ticket Service 0.3 through 0.9 allows remote attackers to login as an arbitrary user by supplying an authorization header.
References (4)
Core 4
Core References
Various Sources x_refsource_confirm
http://www.thregr.org/~wavexx/software/dl/NEWS.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/72252
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/47466
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/51347
Scores
EPSS
0.0112
EPSS Percentile
62.1%
Details
CWE
CWE-287
Status
published
Products (7)
thegr/dl
0.3
thegr/dl
0.4
thegr/dl
0.5
thegr/dl
0.6
thegr/dl
0.7
thegr/dl
0.8
thegr/dl
0.9
Published
Jan 12, 2013
Tracked Since
Feb 18, 2026