Lucene search

[email protected]CVE-2005-3558

HistoryNov 16, 2005 - 7:42 a.m.

CVE-2005-3558

2005-11-1607:42:00

[email protected]

web.nvd.nist.gov

cve

2005

3558

php

file inclusion

vulnerability

oste 1.0

index.php

remote attackers

arbitrary code

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.1 High

AI Score

Confidence

Low

0.139 Low

EPSS

Percentile

95.7%

JSON

PHP file inclusion vulnerability in index.php in OSTE 1.0 allows remote attackers to execute arbitrary code via the (1) page and (2) site parameters.

Affected configurations

NVD

Node

osteosteMatch1.0

CPENameOperatorVersion
oste:osteosteeq1.0

CPE	Name	Operator	Version
oste:oste	oste	eq	1.0

References

osvdb.org/20578

secunia.com/advisories/17493

securitytracker.com/id?1015163

www.securityfocus.com/archive/1/415963/30/0/threaded

www.securityfocus.com/bid/15340

www.vupen.com/english/advisories/2005/2347

exchange.xforce.ibmcloud.com/vulnerabilities/23023

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.1 High

AI Score

Confidence

Low

0.139 Low

EPSS

Percentile

95.7%

JSON

Related for CVE-2005-3558

cvelist1 nvd1