Lucene search

[email protected]NVD:CVE-2005-3021

HistorySep 21, 2005 - 10:03 p.m.

CVE-2005-3021

2005-09-2122:03:00

[email protected]

web.nvd.nist.gov

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.8

Confidence

Low

EPSS

0.002

Percentile

60.0%

JSON

image.php in vBulletin 3.0.9 and earlier allows remote attackers with access to the administrator panel to upload arbitrary files via the upload action.

Affected configurations

Nvd

Node

jelsoftvbulletinMatch1.0.1lite

jelsoftvbulletinMatch2.0.3

jelsoftvbulletinMatch2.0_rc2

jelsoftvbulletinMatch2.0_rc3

jelsoftvbulletinMatch2.2.0

jelsoftvbulletinMatch2.2.1

jelsoftvbulletinMatch2.2.2

jelsoftvbulletinMatch2.2.3

jelsoftvbulletinMatch2.2.4

jelsoftvbulletinMatch2.2.5

jelsoftvbulletinMatch2.2.6

jelsoftvbulletinMatch2.2.7

jelsoftvbulletinMatch2.2.8

jelsoftvbulletinMatch2.2.9

jelsoftvbulletinMatch2.3.0

jelsoftvbulletinMatch2.3.2

jelsoftvbulletinMatch2.3.3

jelsoftvbulletinMatch2.3.4

jelsoftvbulletinMatch3.0

jelsoftvbulletinMatch3.0.1

jelsoftvbulletinMatch3.0.2

jelsoftvbulletinMatch3.0.3

jelsoftvbulletinMatch3.0.4

jelsoftvbulletinMatch3.0.5

jelsoftvbulletinMatch3.0.6

jelsoftvbulletinMatch3.0.7

jelsoftvbulletinMatch3.0.8

jelsoftvbulletinMatch3.0.9

jelsoftvbulletinMatch3.0_beta_2

jelsoftvbulletinMatch3.0_beta_3

jelsoftvbulletinMatch3.0_beta_4

jelsoftvbulletinMatch3.0_beta_5

jelsoftvbulletinMatch3.0_beta_6

jelsoftvbulletinMatch3.0_beta_7

jelsoftvbulletinMatch3.0_gamma

VendorProductVersionCPE
jelsoftvbulletin1.0.1cpe:2.3:a:jelsoft:vbulletin:1.0.1:*:lite:*:*:*:*:*
jelsoftvbulletin2.0.3cpe:2.3:a:jelsoft:vbulletin:2.0.3:*:*:*:*:*:*:*
jelsoftvbulletin2.0_rc2cpe:2.3:a:jelsoft:vbulletin:2.0_rc2:*:*:*:*:*:*:*
jelsoftvbulletin2.0_rc3cpe:2.3:a:jelsoft:vbulletin:2.0_rc3:*:*:*:*:*:*:*
jelsoftvbulletin2.2.0cpe:2.3:a:jelsoft:vbulletin:2.2.0:*:*:*:*:*:*:*
jelsoftvbulletin2.2.1cpe:2.3:a:jelsoft:vbulletin:2.2.1:*:*:*:*:*:*:*
jelsoftvbulletin2.2.2cpe:2.3:a:jelsoft:vbulletin:2.2.2:*:*:*:*:*:*:*
jelsoftvbulletin2.2.3cpe:2.3:a:jelsoft:vbulletin:2.2.3:*:*:*:*:*:*:*
jelsoftvbulletin2.2.4cpe:2.3:a:jelsoft:vbulletin:2.2.4:*:*:*:*:*:*:*
jelsoftvbulletin2.2.5cpe:2.3:a:jelsoft:vbulletin:2.2.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
jelsoft	vbulletin	1.0.1	cpe:2.3:a:jelsoft:vbulletin:1.0.1::lite:::::
jelsoft	vbulletin	2.0.3	cpe:2.3:a:jelsoft:vbulletin:2.0.3:::::::*
jelsoft	vbulletin	2.0_rc2	cpe:2.3:a:jelsoft:vbulletin:2.0_rc2:::::::*
jelsoft	vbulletin	2.0_rc3	cpe:2.3:a:jelsoft:vbulletin:2.0_rc3:::::::*
jelsoft	vbulletin	2.2.0	cpe:2.3:a:jelsoft:vbulletin:2.2.0:::::::*
jelsoft	vbulletin	2.2.1	cpe:2.3:a:jelsoft:vbulletin:2.2.1:::::::*
jelsoft	vbulletin	2.2.2	cpe:2.3:a:jelsoft:vbulletin:2.2.2:::::::*
jelsoft	vbulletin	2.2.3	cpe:2.3:a:jelsoft:vbulletin:2.2.3:::::::*
jelsoft	vbulletin	2.2.4	cpe:2.3:a:jelsoft:vbulletin:2.2.4:::::::*
jelsoft	vbulletin	2.2.5	cpe:2.3:a:jelsoft:vbulletin:2.2.5:::::::*

Rows per page:

1-10 of 351

References

marc.info/?l=bugtraq&m=112715150320677&w=2

morph3us.org/advisories/20050917-vbulletin-3.0.8.txt

secunia.com/advisories/16873/

exchange.xforce.ibmcloud.com/vulnerabilities/22325

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.8

Confidence

Low

EPSS

0.002

Percentile

60.0%

JSON

Related for NVD:CVE-2005-3021

cve1 cvelist1