ID CVE-2005-1869
Summary PHP remote file inclusion vulnerability in start_lobby.php in MWChat 6.x allows remote attackers to execute arbitrary PHP code via the CONFIG[MWCHAT_Libs] parameter.
References
Vulnerable Configurations
  • cpe:2.3:a:appindex:mwchat:*:*:*:*:*:*:*:*
    cpe:2.3:a:appindex:mwchat:*:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 05-09-2008 - 20:50)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
confirm http://www.appindex.net
misc http://www.defacers.com.mx/advisories/4.txt
osvdb 17087
sectrack 1014090
secunia 15596
Last major update 05-09-2008 - 20:50
Published 07-06-2005 - 04:00
Back to Top