Lucene search

[email protected]CVE-2005-2246

HistoryJul 12, 2005 - 4:00 a.m.

CVE-2005-2246

2005-07-1204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

2005

2246

php

remote file inclusion

vulnerabilities

iphotoalbum 1.1

arbitrary code

nvd

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.1 Low

EPSS

Percentile

94.8%

JSON

Multiple PHP remote file inclusion vulnerabilities in iPhotoAlbum 1.1 allow remote attackers to execute arbitrary code via the (1) doc_path parameter to getpage.php or (2) set_menu parameter to lib/static/header.php.

References

secunia.com/advisories/16031

securitytracker.com/id?1014448

www.attrition.org/pipermail/vim/2007-March/001474.html

www.securityfocus.com/bid/14229

www.securityfocus.com/bid/23189

www.exploit-db.com/exploits/3596

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.1 Low

EPSS

Percentile

94.8%

JSON