Lucene search
HistoryAug 16, 2005 - 4:00 a.m.
CVE-2005-2568
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.7
Confidence
Low
EPSS
0.007
Percentile
80.7%
Eval injection vulnerability in the template engine for SysCP 1.2.10 and earlier allows remote attackers to execute arbitrary PHP code via a string containing the code within “{” and “}” (curly bracket) characters, which are processed by the PHP eval function.
Affected configurations
Node
syscp_teamsyscpMatch1.2.10
Related
cvelist
cvelist
CVE-2005-2568
2005-08-16 04:00:00
CVE-2007-0849
2007-02-08 18:00:00
cve
cve
CVE-2005-2568
2005-08-16 04:00:00
CVE-2007-0849
2007-02-08 18:28:00
prion
prion
Directory traversal
2007-02-08 18:28:00
nessus
nessus
SysCP < 1.2.11 Multiple Script Command Execution Vulnerabilities
2005-08-10 00:00:00
nvd
nvd
CVE-2007-0849
2007-02-08 18:28:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.7
Confidence
Low
EPSS
0.007
Percentile
80.7%
Related for NVD:CVE-2005-2568