Lucene search

[email protected]CVE-2005-2290

HistoryJul 18, 2005 - 4:00 a.m.

CVE-2005-2290

2005-07-1804:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-2290

wps_shop.cgi

remote attack

web security

command injection

7.9 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.194 Low

EPSS

Percentile

96.2%

JSON

wps_shop.cgi in WPS Web Portal System 0.7.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) art and (2) cat variables.

References

marc.info/?l=bugtraq&m=112128870110418&w=2

secunia.com/advisories/15780

securitytracker.com/id?1014480

www.securityfocus.com/bid/14245

7.9 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.194 Low

EPSS

Percentile

96.2%

JSON

Related for CVE-2005-2290

nessus1