Lucene search

[email protected]CVE-2005-2633

HistoryAug 23, 2005 - 4:00 a.m.

CVE-2005-2633

2005-08-2304:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

php

file inclusion

vulnerabilities

phptb topic board 2.0

absolutepath parameter

nvd

8.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.06 Low

EPSS

Percentile

93.4%

JSON

Multiple PHP file inclusion vulnerabilities in (1) admin_o.php, (2) board_o.php, (3) dev_o.php, (4) file_o.php or (5) tech_o.php in PHPTB Topic Board 2.0 and earlier allow remote attackers to execute arbitrary PHP code via the absolutepath parameter.

CPENameOperatorVersion
phptb:topic_boardsphptb topic boardsle2.0

CPE	Name	Operator	Version
phptb:topic_boards	phptb topic boards	le	2.0

References

marc.info/?l=bugtraq&m=112431407619802&w=2

secunia.com/advisories/16492

www.securityfocus.com/bid/14592

8.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.06 Low

EPSS

Percentile

93.4%

JSON