Lucene search

[email protected]NVD:CVE-2003-1385

HistoryDec 31, 2003 - 5:00 a.m.

CVE-2003-1385

2003-12-3105:00:00

CWE-94

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

High

EPSS

0.031

Percentile

91.3%

JSON

ipchat.php in Invision Power Board 1.1.1 allows remote attackers to execute arbitrary PHP code, if register_globals is enabled, by modifying the root_path parameter to reference a URL on a remote web server that contains the code.

Affected configurations

Nvd

Node

invision_power_servicesinvision_power_boardMatch1.1.1

VendorProductVersionCPE
invision_power_servicesinvision_power_board1.1.1cpe:2.3:a:invision_power_services:invision_power_board:1.1.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
invision_power_services	invision_power_board	1.1.1	cpe:2.3:a:invision_power_services:invision_power_board:1.1.1:::::::*

References

archives.neohapsis.com/archives/vulnwatch/2003-q1/0099.html

secunia.com/advisories/8182

www.osvdb.org/3357

www.securityfocus.com/bid/6976

exchange.xforce.ibmcloud.com/vulnerabilities/11435

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

High

EPSS

0.031

Percentile

91.3%

JSON

Related for NVD:CVE-2003-1385

exploitdb1 cve1 nessus1 cvelist1