Lucene search

[email protected]CVE-2005-3549

HistoryNov 16, 2005 - 7:42 a.m.

CVE-2005-3549

2005-11-1607:42:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-3549

code injection

task manager

invision power board

remote execution

8.8 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.3%

JSON

Direct code injection vulnerability in Task Manager in Invision Power Board 2.0.1 allows limited remote attackers to execute arbitrary code by referencing the file in “Task PHP File To Run” field and selecting “Run Task Now”.

CPENameOperatorVersion
invision_power_services:invision_boardinvision power services invision boardeq2.0.1

CPE	Name	Operator	Version
invision_power_services:invision_board	invision power services invision board	eq	2.0.1

References

secunia.com/advisories/17443

www.securityfocus.com/archive/1/415798/30/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/40003

8.8 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.3%

JSON

Related for CVE-2005-3549

cvelist1