Lucene search

[email protected]CVE-2005-2413

HistoryAug 03, 2005 - 4:00 a.m.

CVE-2005-2413

2005-08-0304:00:00

[email protected]

web.nvd.nist.gov

php

remote file inclusion

vulnerability

atomic photo album

apa

arbitrary code execution

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7.6 High

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.5%

JSON

PHP remote file inclusion vulnerability in apa_phpinclude.inc.php in Atomic Photo Album (APA) allows remote attackers to execute arbitrary PHP code via the apa_module_basedir parameter.

Affected configurations

NVD

Node

atomic_photo_albumatomic_photo_albumMatch1.0

atomic_photo_albumatomic_photo_albumMatch1.0.1

atomic_photo_albumatomic_photo_albumMatch1.0.2

atomic_photo_albumatomic_photo_albumMatch1.0.3

atomic_photo_albumatomic_photo_albumMatch1.0.4

atomic_photo_albumatomic_photo_albumMatch1.0.5

atomic_photo_albumatomic_photo_albumMatch1.1.0_pre1

atomic_photo_albumatomic_photo_albumMatch1.1.0_pre2

atomic_photo_albumatomic_photo_albumMatch1.1.0_pre3

atomic_photo_albumatomic_photo_albumMatch1.1.0_pre4

CPENameOperatorVersion
atomic_photo_album:atomic_photo_albumatomic photo albumeq1.0
atomic_photo_album:atomic_photo_albumatomic photo albumeq1.0.1
atomic_photo_album:atomic_photo_albumatomic photo albumeq1.0.2
atomic_photo_album:atomic_photo_albumatomic photo albumeq1.0.3
atomic_photo_album:atomic_photo_albumatomic photo albumeq1.0.4
atomic_photo_album:atomic_photo_albumatomic photo albumeq1.0.5
atomic_photo_album:atomic_photo_albumatomic photo albumeq1.1.0_pre1
atomic_photo_album:atomic_photo_albumatomic photo albumeq1.1.0_pre2
atomic_photo_album:atomic_photo_albumatomic photo albumeq1.1.0_pre3
atomic_photo_album:atomic_photo_albumatomic photo albumeq1.1.0_pre4

CPE	Name	Operator	Version
atomic_photo_album:atomic_photo_album	atomic photo album	eq	1.0
atomic_photo_album:atomic_photo_album	atomic photo album	eq	1.0.1
atomic_photo_album:atomic_photo_album	atomic photo album	eq	1.0.2
atomic_photo_album:atomic_photo_album	atomic photo album	eq	1.0.3
atomic_photo_album:atomic_photo_album	atomic photo album	eq	1.0.4
atomic_photo_album:atomic_photo_album	atomic photo album	eq	1.0.5
atomic_photo_album:atomic_photo_album	atomic photo album	eq	1.1.0_pre1
atomic_photo_album:atomic_photo_album	atomic photo album	eq	1.1.0_pre2
atomic_photo_album:atomic_photo_album	atomic photo album	eq	1.1.0_pre3
atomic_photo_album:atomic_photo_album	atomic photo album	eq	1.1.0_pre4

References

marc.info/?l=bugtraq&m=112230428725189&w=2

secunia.com/advisories/16201

securitytracker.com/id?1014569

www.osvdb.org/18265

www.securityfocus.com/bid/14368

exchange.xforce.ibmcloud.com/vulnerabilities/21562

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7.6 High

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.5%

JSON

Related for CVE-2005-2413

nessus1 nvd1 cvelist1