Lucene search
MitreCVE-2004-2538HistoryOct 25, 2005 - 4:00 a.m.
CVE-2004-2538
2005-10-2504:00:00
mitre
web.nvd.nist.gov
25
security
code injection
vulnerability
phpcodegenie
remote execution
cve-2004-2538
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.015
Percentile
87.4%
Direct static code injection vulnerability in the PCG simple application generation in phpCodeGenie before 3.0.2 allows remote authenticated users to execute arbitrary code via the (1) header or (2) footer.
Affected configurations
Node
nilesh_dosooyephpcodegenieRange≤3.0.1
ORnilesh_dosooyephpcodegenieMatch1.1
ORnilesh_dosooyephpcodegenieMatch1.4
ORnilesh_dosooyephpcodegenieMatch1.21
ORnilesh_dosooyephpcodegenieMatch3.0_alpha
ORnilesh_dosooyephpcodegenieMatch3.0_beta
| Vendor | Product | Version | CPE |
|---|---|---|---|
| nilesh_dosooye | phpcodegenie | * | cpe:2.3:a:nilesh_dosooye:phpcodegenie:*:*:*:*:*:*:*:* |
| nilesh_dosooye | phpcodegenie | 1.1 | cpe:2.3:a:nilesh_dosooye:phpcodegenie:1.1:*:*:*:*:*:*:* |
| nilesh_dosooye | phpcodegenie | 1.4 | cpe:2.3:a:nilesh_dosooye:phpcodegenie:1.4:*:*:*:*:*:*:* |
| nilesh_dosooye | phpcodegenie | 1.21 | cpe:2.3:a:nilesh_dosooye:phpcodegenie:1.21:*:*:*:*:*:*:* |
| nilesh_dosooye | phpcodegenie | 3.0_alpha | cpe:2.3:a:nilesh_dosooye:phpcodegenie:3.0_alpha:*:*:*:*:*:*:* |
| nilesh_dosooye | phpcodegenie | 3.0_beta | cpe:2.3:a:nilesh_dosooye:phpcodegenie:3.0_beta:*:*:*:*:*:*:* |
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.015
Percentile
87.4%
Related for CVE-2004-2538