Lucene search

K
cve[email protected]CVE-2005-2951
HistorySep 16, 2005 - 10:03 p.m.

CVE-2005-2951

2005-09-1622:03:00
NVD-CWE-Other
web.nvd.nist.gov
26
azdgdatinglite
security
vulnerability
php
directory traversal
cve-2005-2951

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.056 Low

EPSS

Percentile

93.1%

Directory traversal vulnerability in security.inc.php in AzDGDatingLite 2.1.3, and possibly earlier versions, allows remote attackers to execute arbitrary PHP commands via “…” sequences and “%00” (trailing null byte) characters in the l parameter, which is used in an include_once statement.

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.056 Low

EPSS

Percentile

93.1%