Lucene search

K
nvd[email protected]NVD:CVE-2015-2845
HistoryMay 12, 2015 - 7:59 p.m.

CVE-2015-2845

2015-05-1219:59:20
CWE-78
web.nvd.nist.gov
2

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.074

Percentile

94.1%

The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3-1421902800 allows remote attackers to execute arbitrary commands via the $type portion of the PATH_INFO.

Affected configurations

Nvd
Node
goautodialgoadmin_ceMatch3.0
OR
goautodialgoadmin_ceMatch3.3

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.074

Percentile

94.1%