Lucene search

CVE-2005-0647

🗓️ 02 May 2005 04:00:00Reported by mitreType

admin_setup.php in paNews 2.0.4b allows remote attackers to inject arbitrary PHP code via the (1) $form[comments] or (2) $form[autoapprove] parameters, which are written to config.php

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 4
NVD	CVE-2005-0647	2 May 200504:00	–	nvd
Cvelist	CVE-2005-0647	4 Mar 200505:00	–	cvelist
Tenable Nessus	paNews admin_setup.php Multiple Parameter Arbitrary PHP Code Injection	23 Feb 200500:00	–	nessus
Tenable Nessus	paNews 2.0.4b Multiple Input Validation Vulnerabilities	18 Mar 200500:00	–	nessus

Nvd

Node

php_arena panewsMatch2.0.4b

Source	Link
kernelpanik	www.kernelpanik.org/docs/kernelpanik/panews.txt
marc	www.marc.info/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

02 May 2005 04:00Current

7High risk

Vulners AI Score7

CVSS25

EPSS0.0322