Lucene search

[email protected]CVE-2005-3021

HistorySep 21, 2005 - 10:03 p.m.

CVE-2005-3021

2005-09-2122:03:00

[email protected]

web.nvd.nist.gov

cve-2005-3021

image.php

vbulletin

remote attackers

arbitrary files

nvd

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

7.2 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.0%

JSON

image.php in vBulletin 3.0.9 and earlier allows remote attackers with access to the administrator panel to upload arbitrary files via the upload action.

Affected configurations

NVD

Node

jelsoftvbulletinMatch1.0.1lite

jelsoftvbulletinMatch2.0.3

jelsoftvbulletinMatch2.0_rc2

jelsoftvbulletinMatch2.0_rc3

jelsoftvbulletinMatch2.2.0

jelsoftvbulletinMatch2.2.1

jelsoftvbulletinMatch2.2.2

jelsoftvbulletinMatch2.2.3

jelsoftvbulletinMatch2.2.4

jelsoftvbulletinMatch2.2.5

jelsoftvbulletinMatch2.2.6

jelsoftvbulletinMatch2.2.7

jelsoftvbulletinMatch2.2.8

jelsoftvbulletinMatch2.2.9

jelsoftvbulletinMatch2.3.0

jelsoftvbulletinMatch2.3.2

jelsoftvbulletinMatch2.3.3

jelsoftvbulletinMatch2.3.4

jelsoftvbulletinMatch3.0

jelsoftvbulletinMatch3.0.1

jelsoftvbulletinMatch3.0.2

jelsoftvbulletinMatch3.0.3

jelsoftvbulletinMatch3.0.4

jelsoftvbulletinMatch3.0.5

jelsoftvbulletinMatch3.0.6

jelsoftvbulletinMatch3.0.7

jelsoftvbulletinMatch3.0.8

jelsoftvbulletinMatch3.0.9

jelsoftvbulletinMatch3.0_beta_2

jelsoftvbulletinMatch3.0_beta_3

jelsoftvbulletinMatch3.0_beta_4

jelsoftvbulletinMatch3.0_beta_5

jelsoftvbulletinMatch3.0_beta_6

jelsoftvbulletinMatch3.0_beta_7

jelsoftvbulletinMatch3.0_gamma

CPENameOperatorVersion
jelsoft:vbulletinjelsoft vbulletineq1.0.1
jelsoft:vbulletinjelsoft vbulletineq2.0.3
jelsoft:vbulletinjelsoft vbulletineq2.0_rc2
jelsoft:vbulletinjelsoft vbulletineq2.0_rc3
jelsoft:vbulletinjelsoft vbulletineq2.2.0
jelsoft:vbulletinjelsoft vbulletineq2.2.1
jelsoft:vbulletinjelsoft vbulletineq2.2.2
jelsoft:vbulletinjelsoft vbulletineq2.2.3
jelsoft:vbulletinjelsoft vbulletineq2.2.4
jelsoft:vbulletinjelsoft vbulletineq2.2.5

CPE	Name	Operator	Version
jelsoft:vbulletin	jelsoft vbulletin	eq	1.0.1
jelsoft:vbulletin	jelsoft vbulletin	eq	2.0.3
jelsoft:vbulletin	jelsoft vbulletin	eq	2.0_rc2
jelsoft:vbulletin	jelsoft vbulletin	eq	2.0_rc3
jelsoft:vbulletin	jelsoft vbulletin	eq	2.2.0
jelsoft:vbulletin	jelsoft vbulletin	eq	2.2.1
jelsoft:vbulletin	jelsoft vbulletin	eq	2.2.2
jelsoft:vbulletin	jelsoft vbulletin	eq	2.2.3
jelsoft:vbulletin	jelsoft vbulletin	eq	2.2.4
jelsoft:vbulletin	jelsoft vbulletin	eq	2.2.5

Rows per page:

1-10 of 351

References

marc.info/?l=bugtraq&m=112715150320677&w=2

morph3us.org/advisories/20050917-vbulletin-3.0.8.txt

secunia.com/advisories/16873/

exchange.xforce.ibmcloud.com/vulnerabilities/22325

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

7.2 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.0%

JSON

Related for CVE-2005-3021

nvd1 cvelist1