Lucene search

[email protected]CVE-2005-2616

HistoryAug 17, 2005 - 4:00 a.m.

CVE-2005-2616

2005-08-1704:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

php

file include

ezupload

vulnerability

remote code execution

cve-2005-2616

8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.221 Low

EPSS

Percentile

96.4%

JSON

Multiple PHP file include vulnerabilities in ezUpload 2.2 allow remote attackers to execute arbitrary code via the path parameter to (1) initialize.php, (2) customize.php, (3) form.php, or (4) index.php.

CPENameOperatorVersion
ezupload:ezuploadezuploadeq2.2

CPE	Name	Operator	Version
ezupload:ezupload	ezupload	eq	2.2

References

packetstorm.linuxsecurity.com/0508-exploits/ezuploadRemote.txt

secunia.com/advisories/16434

securitytracker.com/id?1014723

www.securiteam.com/exploits/5JP0J15GKU.html

www.securityfocus.com/bid/14534

www.vupen.com/english/advisories/2005/1379

8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.221 Low

EPSS

Percentile

96.4%

JSON

Related for CVE-2005-2616

nessus1