ID |
CVE-2005-0860
|
Summary |
PHP remote file inclusion vulnerability in TRG News Script 3.0 allows remote attackers to execute arbitrary PHP code via the dir parameter to (1) article.php, (2) authorall.php, (3) comment.php, (4) display.php, or (5) displayall.php. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 7.5 (as of 05-09-2008 - 20:47) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
refmap
via4
|
bid | 12855 | sectrack | 1013487 | secunia | 14669 |
|
Last major update |
05-09-2008 - 20:47 |
Published |
02-05-2005 - 04:00 |
Last modified |
05-09-2008 - 20:47 |