Lucene search

[email protected]CVE-2005-2782

HistorySep 02, 2005 - 11:03 p.m.

CVE-2005-2782

2005-09-0223:03:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

313

cve-2005-2782

php

remote file inclusion

autolinks pro 2.1

vulnerability

nvd

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.055 Low

EPSS

Percentile

93.1%

JSON

PHP remote file inclusion vulnerability in al_initialize.php for AutoLinks Pro 2.1 allows remote attackers to execute arbitrary PHP code via an “ftp://” URL in the alpath parameter, which bypasses the incomplete blacklist that only checks for “http” and “https” URLs.

CPENameOperatorVersion
autolinks:autolinksautolinkseq2.1

CPE	Name	Operator	Version
autolinks:autolinks	autolinks	eq	2.1

References

marc.info/?l=bugtraq&m=112535379716486&w=2

secunia.com/advisories/16620/

www.securityfocus.com/bid/14686

exchange.xforce.ibmcloud.com/vulnerabilities/22061

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.055 Low

EPSS

Percentile

93.1%

JSON

Related for CVE-2005-2782

nessus1