Lucene search
HistoryNov 01, 2005 - 12:47 p.m.
CVE-2005-3404
cve-2005-3404
php
file inclusion
vulnerabilities
atutor
remote attackers
arbitrary files
null byte
nvd
7.2 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.106 Low
EPSS
Percentile
95.0%
Multiple PHP file inclusion vulnerabilities in ATutor 1.4.1 through 1.5.1-pl1 allow remote attackers to include arbitrary files via the section parameter followed by a null byte (%00) in (1) body_header.inc.php and (2) print.php.
References
Related
cve
cve
CVE-2006-5734
2006-11-06 18:07:00
openvas
openvas
ATutor < 1.5.1-pl1 Multiple Flaws
2006-03-26 00:00:00
nessus
nessus
ATutor < 1.5.1-pl1 Multiple Remote Vulnerabilities (XSS, RFI, Command Exe)
2005-10-27 00:00:00
7.2 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.106 Low
EPSS
Percentile
95.0%
Related for CVE-2005-3404