mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
122 lines
3.4 KiB
JSON
122 lines
3.4 KiB
JSON
{
|
|
"id": "CVE-2005-4286",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2005-12-16T11:03:00.000",
|
|
"lastModified": "2024-11-21T00:03:53.270",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Unspecified vulnerability in PhpLogCon before 1.2.2 allows remote attackers to use arbitrary profiles via unknown vectors involving \"'smart' values for userid and password,\" probably involving an SQL injection vulnerability in the (1) pass and (2) usr parameters in submit.php."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
|
"baseScore": 7.5,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL"
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": true,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-Other"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:a:phplogcon:phplogcon:1.1.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B197ADD6-883E-49EE-8826-0E0E8F1419A1"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:a:phplogcon:phplogcon:1.2.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7CF29DEE-DD91-4CFA-AC90-F69397D5A3D1"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:a:phplogcon:phplogcon:1.2.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B197CA2E-A278-4E81-9FD8-93E26611DBE5"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://cvs.sourceforge.net/viewcvs.py/phplogcon/phplogcon/submit.php?r1=1.4&r2=1.5",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/18053",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.phplogcon.com/Article9.phtml",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2005/2930",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://cvs.sourceforge.net/viewcvs.py/phplogcon/phplogcon/submit.php?r1=1.4&r2=1.5",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/18053",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.phplogcon.com/Article9.phtml",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2005/2930",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
]
|
|
} |