Lucene search

[email protected]CVE-2004-2341

HistoryAug 16, 2005 - 4:00 a.m.

CVE-2004-2341

2005-08-1604:00:00

[email protected]

web.nvd.nist.gov

cve-2004-2341

php

file inclusion

injection

vulnerability

isearch

remote code execution

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.1%

JSON

PHP file include injection vulnerability in isearch.inc.php for iSearch allows remote attackers to execute arbitrary code via the isearch_path parameter.

Affected configurations

NVD

Node

isearchisearch

References

www.securitytracker.com/alerts/2004/Feb/1008900.html

exchange.xforce.ibmcloud.com/vulnerabilities/15009

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.1%

JSON

Related for CVE-2004-2341

cvelist1 nvd1