mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 01:02:25 +00:00
103 lines
2.7 KiB
JSON
103 lines
2.7 KiB
JSON
{
|
|
"id": "CVE-2005-2154",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2005-07-06T04:00:00.000",
|
|
"lastModified": "2008-09-05T20:51:01.867",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "PHP local file inclusion vulnerability in (1) view.php and (2) open.php in osTicket 1.3.1 beta and earlier allows remote attackers to include and possibly execute arbitrary local files via the inc parameter."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 7.5
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": true,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-Other"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:osticket:osticket_sts:1.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "00CBCE49-FA09-47BD-9584-486B32D58EFB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:osticket:osticket_sts:1.2.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E2D83869-36F9-4AD0-8B90-AF2ACF281735"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:osticket:osticket_sts:1.3_beta:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "528C4718-78C4-4C49-8759-1BB17E2A331F"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://seclists.org/lists/bugtraq/2005/Jul/0009.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://securitytracker.com/id?1014373",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/14127",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
}
|
|
]
|
|
} |