ID |
CVE-2005-2625
|
Summary |
Incomplete blacklist vulnerability in the checkBlacklist function in CPAINT allows remote attackers to execute arbitrary commands via the (1) ExecuteGlobal function or (2) GetRef statement, which is not included in the blacklist. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 7.5 (as of 18-10-2016 - 03:29) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
refmap
via4
|
bugtraq | 20050816 RE: Vulnerability found in CPAINT Ajax Toolkit |
|
Last major update |
18-10-2016 - 03:29 |
Published |
19-08-2005 - 04:00 |
Last modified |
18-10-2016 - 03:29 |