mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 01:02:25 +00:00
334 lines
12 KiB
JSON
334 lines
12 KiB
JSON
{
|
|
"id": "CVE-2005-2781",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2005-09-02T23:03:00.000",
|
|
"lastModified": "2024-11-21T00:00:25.163",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "The Avatar upload feature in FUD Forum before 2.7.0 does not properly verify uploaded files, which allows remote attackers to execute arbitrary PHP code via a file with a .php extension that contains image data followed by PHP code."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
|
"baseScore": 7.5,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL"
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": true,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-Other"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.1.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5E66CD67-55D1-48A0-9A19-D3153B7DC787"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.1.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A21D4EA6-C739-4BA0-ABBD-1E95CDD5E808"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.1.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F68DB291-A958-4296-855A-B3CF19704E70"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.1.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A8A9D296-6C54-4436-AE77-0D5291415DBE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.2.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "81684C0A-B31D-46F5-998F-21F1FDDFBBEC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.2.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5A41890E-4C88-4161-9DE3-C273272176E3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.2.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FDB8AF21-93A9-4756-B2E8-313FA6638158"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.2.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B14E676F-8A71-4607-80DC-F538F697E674"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.2.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2C42CAF4-3936-455F-AE02-312278C84FD9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.2.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "00EB1238-BD1C-4A5E-9491-8AC343868FFC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C07DA566-0075-4297-8531-A5E7C03877FA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.3.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D5428C3B-997C-417E-932D-CD2E9139891D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.3.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B49C1DE2-FE7A-4AE0-AFB4-15C323C47817"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.3.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "63E5AFE9-C5FC-448D-B3FB-411C0CAB2174"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.3.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CFA28579-5406-471B-A015-00DE3283B8C7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.3.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1CC947E3-E98A-4673-B6A4-22C63BDAADBD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.3.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2BF1BF48-11AE-4737-9F65-E01A3F8D5EA3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.3.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4D94B04F-E6E4-452E-883A-B88DDDDF6AE2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.3.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C253560E-D233-43B0-86E6-F41690BEEDCC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.5.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1AB63A18-0C81-4C18-91CE-E9FC1497CB82"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.5.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E0A0F3EF-9345-407B-8110-C6F8E44861CA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.5.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8F6480F8-D5AF-418F-BBB7-E09941EAA56E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E20EC310-AF18-4001-913C-849D60C86047"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6C5A8FE4-FD41-4FB5-B0FA-C3C4669E42C9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "699C28AF-95BD-44EA-BD50-F9616B53FBF1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3A60D274-69FA-4C37-A472-FEB1D18DA6C5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3C4219A0-F0EA-4303-B46F-D170EB6B05B3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9837B11A-A3AA-4CE7-A0BE-E9709D42ECD4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0590709E-FD1E-4BF4-8158-09B243B87648"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EA4DAE8A-8F53-4A66-9A42-BC468569D31B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C4331016-C28D-4C17-B6A2-11A7E45873E6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DFADD332-B80D-4D04-AA20-147F00F3CB0F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8A60EFEB-036F-4828-8D17-069C0CF448D5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.11:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "51906E70-8317-4B8A-A384-13F62B0D24B5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.12:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "50A53ED7-CB9B-4D83-8C67-BF14DDD5A081"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.13:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3E2D688C-2A06-4381-A2FF-27CA81606A69"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.14:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F035957A-5FF8-43AA-8DF9-C132051FF1E1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.15:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A90D1C9D-E8C2-43D1-A87E-89DA4CBDE4BA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ilia_alshanetsky:fudforum:2.7.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A616B2B6-49D7-42D2-8FFE-7D9B3B7FE13B"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://fudforum.org/forum/index.php?t=msg&th=5470&start=0&",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://marc.info/?l=bugtraq&m=112534235403406&w=2",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/16627/",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/20203",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.debian.org/security/2006/dsa-1063",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/500406/100/0/threaded",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/14678",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22076",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://fudforum.org/forum/index.php?t=msg&th=5470&start=0&",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://marc.info/?l=bugtraq&m=112534235403406&w=2",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/16627/",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/20203",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.debian.org/security/2006/dsa-1063",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/500406/100/0/threaded",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/14678",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22076",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
]
|
|
} |