mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
93 lines
2.7 KiB
JSON
93 lines
2.7 KiB
JSON
{
|
|
"id": "CVE-2005-4286",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2005-12-16T11:03:00.000",
|
|
"lastModified": "2011-03-08T02:27:57.360",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Unspecified vulnerability in PhpLogCon before 1.2.2 allows remote attackers to use arbitrary profiles via unknown vectors involving \"'smart' values for userid and password,\" probably involving an SQL injection vulnerability in the (1) pass and (2) usr parameters in submit.php."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 7.5
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": true,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-Other"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:a:phplogcon:phplogcon:1.1.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B197ADD6-883E-49EE-8826-0E0E8F1419A1"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:a:phplogcon:phplogcon:1.2.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7CF29DEE-DD91-4CFA-AC90-F69397D5A3D1"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:a:phplogcon:phplogcon:1.2.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B197CA2E-A278-4E81-9FD8-93E26611DBE5"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://cvs.sourceforge.net/viewcvs.py/phplogcon/phplogcon/submit.php?r1=1.4&r2=1.5",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.phplogcon.com/Article9.phtml",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2005/2930",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |