Lucene search

[email protected]CVE-2005-1821

HistoryJun 01, 2005 - 4:00 a.m.

CVE-2005-1821

2005-06-0104:00:00

[email protected]

web.nvd.nist.gov

cve-2005-1821

php

remote file inclusion

vulnerability

powerdownload 3.0.2

powerdownload 3.0.3

incdir parameter

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

Low

0.068 Low

EPSS

Percentile

93.9%

JSON

PHP remote file inclusion vulnerability in pdl_header.inc.php in PowerDownload 3.0.2 and 3.0.3 allows remote attackers to execute arbitrary PHP code via the incdir parameter to downloads.php.

Affected configurations

NVD

Node

powerscripts.orgpowerdownloadMatch3.0.2

powerscripts.orgpowerdownloadMatch3.0.3

CPENameOperatorVersion
powerscripts.org:powerdownloadpowerscripts.org powerdownloadeq3.0.2
powerscripts.org:powerdownloadpowerscripts.org powerdownloadeq3.0.3

CPE	Name	Operator	Version
powerscripts.org:powerdownload	powerscripts.org powerdownload	eq	3.0.2
powerscripts.org:powerdownload	powerscripts.org powerdownload	eq	3.0.3

References

marc.info/?l=bugtraq&m=111755754126095&w=2

secunia.com/advisories/15537

securitytracker.com/id?1014078

www.securityfocus.com/bid/13822

www.soulblack.com.ar/repo/papers/advisory/powerdownload_advisory.txt

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

Low

0.068 Low

EPSS

Percentile

93.9%

JSON

Related for CVE-2005-1821

cvelist1 nvd1