{"result": {"cve": [{"id": "CVE-2005-2614", "type": "cve", "title": "CVE-2005-2614", "description": "Discuz! 4.0 rc4 does not properly restrict types of files that are uploaded to the server, which allows remote attackers to execute arbitrary commands via a filename containing \".php.rar\" or other multiple extensions that include .php.", "published": "2005-08-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2614", "cvelist": ["CVE-2005-2614"], "lastseen": "2016-09-03T05:43:03"}], "openvas": [{"id": "OPENVAS:136141256231019751", "type": "openvas", "title": "Discuz! <= 4.0.0 rc4 Arbitrary File Upload Flaw", "description": "The remote host is using Discuz!, a popular web application forum in\nChina. \n\nAccording to its version, the installation of Discuz! on the remote host\nfails to properly check for multiple extensions in uploaded files. An\nattacker may be able to exploit this issue to execute arbitrary commands\non the remote host subject to the privileges of the web server user id,\ntypically nobody.", "published": "2006-03-26T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231019751", "cvelist": ["CVE-2005-2614"], "lastseen": "2018-04-06T11:15:46"}, {"id": "OPENVAS:19751", "type": "openvas", "title": "Discuz! <= 4.0.0 rc4 Arbitrary File Upload Flaw", "description": "The remote host is using Discuz!, a popular web application forum in\nChina. \n\nAccording to its version, the installation of Discuz! on the remote host\nfails to properly check for multiple extensions in uploaded files. An\nattacker may be able to exploit this issue to execute arbitrary commands\non the remote host subject to the privileges of the web server user id,\ntypically nobody.", "published": "2006-03-26T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=19751", "cvelist": ["CVE-2005-2614"], "lastseen": "2017-07-02T21:10:05"}], "nessus": [{"id": "DISCUZ_ARBITRARY_FILE_UPLOAD_FLAW.NASL", "type": "nessus", "title": "Discuz! <= 4.0.0 rc4 Arbitrary File Upload", "description": "The remote host is using Discuz!, a popular web application forum in China. \n\nAccording to its version, the installation of Discuz! on the remote host fails to properly check for multiple extensions in uploaded files. An attacker may be able to exploit this issue to execute arbitrary commands on the remote host subject to the privileges of the web server user id.", "published": "2005-09-19T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=19751", "cvelist": ["CVE-2005-2614"], "lastseen": "2016-11-15T21:26:36"}]}}