Lucene search

MitreCVE-2005-0632

HistoryMar 04, 2005 - 5:00 a.m.

CVE-2005-0632

2005-03-0405:00:00

mitre

web.nvd.nist.gov

cve-2005-0632

phpnews

remote file inclusion

vulnerability

auth.php

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

7.7

Confidence

High

EPSS

0.029

Percentile

91.0%

JSON

PHP remote file inclusion vulnerability in auth.php in PHPNews 1.2.4 and possibly 1.2.3, allows remote attackers to execute arbitrary PHP code via the path parameter.

Affected configurations

Nvd

Node

phpnewsphpnewsMatch1.2.3

phpnewsphpnewsMatch1.2.4

VendorProductVersionCPE
phpnewsphpnews1.2.3cpe:2.3:a:phpnews:phpnews:1.2.3:*:*:*:*:*:*:*
phpnewsphpnews1.2.4cpe:2.3:a:phpnews:phpnews:1.2.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
phpnews	phpnews	1.2.3	cpe:2.3:a:phpnews:phpnews:1.2.3:::::::*
phpnews	phpnews	1.2.4	cpe:2.3:a:phpnews:phpnews:1.2.4:::::::*

References

marc.info/?l=bugtraq&m=110971663824719&w=2

marc.info/?l=bugtraq&m=110989169008570&w=2

secunia.com/advisories/14449

securitytracker.com/id?1013345

www.securityfocus.com/bid/12696

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

7.7

Confidence

High

EPSS

0.029

Percentile

91.0%

JSON

Related for CVE-2005-0632