Lucene search

[email protected]CVE-2005-0698

HistoryMar 07, 2005 - 5:00 a.m.

CVE-2005-0698

2005-03-0705:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-0698

php

remote file inclusion

vulnerability

code execution

phpweblog

7.8 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

72.4%

JSON

PHP remote file inclusion vulnerability in PHPWebLog 0.5.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) G_PATH parameter to init.inc.php or the (2) PATH parameter to index.php to reference a URL on a remote web server that contains the code.

CPENameOperatorVersion
jason_hines:phpweblogjason hines phpweblogeq0.4.2
jason_hines:phpweblogjason hines phpweblogeq0.5.2
jason_hines:phpweblogjason hines phpweblogeq0.5.1
jason_hines:phpweblogjason hines phpweblogeq0.5
jason_hines:phpweblogjason hines phpweblogeq0.5.3

CPE	Name	Operator	Version
jason_hines:phpweblog	jason hines phpweblog	eq	0.4.2
jason_hines:phpweblog	jason hines phpweblog	eq	0.5.2
jason_hines:phpweblog	jason hines phpweblog	eq	0.5.1
jason_hines:phpweblog	jason hines phpweblog	eq	0.5
jason_hines:phpweblog	jason hines phpweblog	eq	0.5.3

References

www.securityfocus.com/archive/1/392552

www.securityfocus.com/bid/12747

7.8 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

72.4%

JSON

Related for CVE-2005-0698

openvas1