Lucene search

MitreCVE-2005-1965

HistoryJun 16, 2005 - 4:00 a.m.

CVE-2005-1965

2005-06-1604:00:00

CWE-94

mitre

web.nvd.nist.gov

cve-2005-1965

php

remote file inclusion

vulnerability

siteframe.php

broadpool siteframe

arbitrary code

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.7

Confidence

High

EPSS

0.041

Percentile

92.2%

JSON

PHP remote file inclusion vulnerability in siteframe.php for Broadpool Siteframe allows remote attackers to execute arbitrary code via a URL in the LOCAL_PATH parameter.

Affected configurations

Nvd

Node

glen_campbellsiteframeMatch3.0.1

glen_campbellsiteframeMatch3.0.2

glen_campbellsiteframeMatch3.1

glen_campbellsiteframeMatch3.1.1

glen_campbellsiteframeMatch3.1.2

glen_campbellsiteframeMatch3.1.4

glen_campbellsiteframeMatch3.1.6

glen_campbellsiteframeMatch3.1.8_beta

glen_campbellsiteframeMatch3.1.9

glen_campbellsiteframeMatch3.2_p5

VendorProductVersionCPE
glen_campbellsiteframe3.0.1cpe:2.3:a:glen_campbell:siteframe:3.0.1:*:*:*:*:*:*:*
glen_campbellsiteframe3.0.2cpe:2.3:a:glen_campbell:siteframe:3.0.2:*:*:*:*:*:*:*
glen_campbellsiteframe3.1cpe:2.3:a:glen_campbell:siteframe:3.1:*:*:*:*:*:*:*
glen_campbellsiteframe3.1.1cpe:2.3:a:glen_campbell:siteframe:3.1.1:*:*:*:*:*:*:*
glen_campbellsiteframe3.1.2cpe:2.3:a:glen_campbell:siteframe:3.1.2:*:*:*:*:*:*:*
glen_campbellsiteframe3.1.4cpe:2.3:a:glen_campbell:siteframe:3.1.4:*:*:*:*:*:*:*
glen_campbellsiteframe3.1.6cpe:2.3:a:glen_campbell:siteframe:3.1.6:*:*:*:*:*:*:*
glen_campbellsiteframe3.1.8_betacpe:2.3:a:glen_campbell:siteframe:3.1.8_beta:*:*:*:*:*:*:*
glen_campbellsiteframe3.1.9cpe:2.3:a:glen_campbell:siteframe:3.1.9:*:*:*:*:*:*:*
glen_campbellsiteframe3.2_p5cpe:2.3:a:glen_campbell:siteframe:3.2_p5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
glen_campbell	siteframe	3.0.1	cpe:2.3:a:glen_campbell:siteframe:3.0.1:::::::*
glen_campbell	siteframe	3.0.2	cpe:2.3:a:glen_campbell:siteframe:3.0.2:::::::*
glen_campbell	siteframe	3.1	cpe:2.3:a:glen_campbell:siteframe:3.1:::::::*
glen_campbell	siteframe	3.1.1	cpe:2.3:a:glen_campbell:siteframe:3.1.1:::::::*
glen_campbell	siteframe	3.1.2	cpe:2.3:a:glen_campbell:siteframe:3.1.2:::::::*
glen_campbell	siteframe	3.1.4	cpe:2.3:a:glen_campbell:siteframe:3.1.4:::::::*
glen_campbell	siteframe	3.1.6	cpe:2.3:a:glen_campbell:siteframe:3.1.6:::::::*
glen_campbell	siteframe	3.1.8_beta	cpe:2.3:a:glen_campbell:siteframe:3.1.8_beta:::::::*
glen_campbell	siteframe	3.1.9	cpe:2.3:a:glen_campbell:siteframe:3.1.9:::::::*
glen_campbell	siteframe	3.2_p5	cpe:2.3:a:glen_campbell:siteframe:3.2_p5:::::::*

References

list.broadpool.com/pipermail/siteframe-announce/2005-June/000020.html

secunia.com/advisories/15657

securitytracker.com/id?1014150

www.osvdb.org/17246

www.securityfocus.com/bid/13928

exchange.xforce.ibmcloud.com/vulnerabilities/20973

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.7

Confidence

High

EPSS

0.041

Percentile

92.2%

JSON

Related for CVE-2005-1965