Lucene search

[email protected]CVE-2005-4087

HistoryDec 08, 2005 - 11:03 a.m.

CVE-2005-4087

2005-12-0811:03:00

[email protected]

web.nvd.nist.gov

php

remote file include vulnerability

sugarcrm

security

nvd

7.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.3%

JSON

PHP remote file include vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the beanFiles array parameter.

Affected configurations

NVD

Node

sugarcrmsugar_suiteMatch3.5

sugarcrmsugar_suiteMatch4.0_beta

CPENameOperatorVersion
sugarcrm:sugar_suitesugarcrm sugar suiteeq3.5
sugarcrm:sugar_suitesugarcrm sugar suiteeq4.0_beta

CPE	Name	Operator	Version
sugarcrm:sugar_suite	sugarcrm sugar suite	eq	3.5
sugarcrm:sugar_suite	sugarcrm sugar suite	eq	4.0_beta

References

securityreason.com/securityalert/239

www.securityfocus.com/archive/1/418840

www.securityfocus.com/bid/15760

exchange.xforce.ibmcloud.com/vulnerabilities/23541

7.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.3%

JSON

Related for CVE-2005-4087

nvd1 cvelist1 openvas2 nessus1