CVE-2005-4007 - Multiple unspecified vulnerabilities in SAPID CMS before 1.2.3.03, related to newly registered users

CVE-2005-4007

Summary

Multiple unspecified vulnerabilities in SAPID CMS before 1.2.3.03, related to newly registered users and possibly authorization checks, have unknown impact and attack vectors involving (1) mvc/controller/user_request_analysis.inc.php and (2) usr/xml/ddc/authorization.xml.

References

Vulnerable Configurations

cpe:2.3:a:redgraphic:sapid_cms:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:redgraphic:sapid_cms:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:redgraphic:sapid_cms:1.2.3:rc5:*:*:*:*:*:*
cpe:2.3:a:redgraphic:sapid_cms:1.2.3:rc5:*:*:*:*:*:*
cpe:2.3:a:redgraphic:sapid_cms:-:*:*:*:*:*:*:*
cpe:2.3:a:redgraphic:sapid_cms:-:*:*:*:*:*:*:*
cpe:2.3:a:redgraphic:sapid_cms:1.2.3:rc2:*:*:*:*:*:*
cpe:2.3:a:redgraphic:sapid_cms:1.2.3:rc2:*:*:*:*:*:*
cpe:2.3:a:redgraphic:sapid_cms:1.2.3:rc3:*:*:*:*:*:*
cpe:2.3:a:redgraphic:sapid_cms:1.2.3:rc3:*:*:*:*:*:*
cpe:2.3:a:redgraphic:sapid_cms:1.2.3:stable:*:*:*:*:*:*
cpe:2.3:a:redgraphic:sapid_cms:1.2.3:stable:*:*:*:*:*:*
cpe:2.3:a:redgraphic:sapid_cms:1.2.3.02:*:*:*:*:*:*:*
cpe:2.3:a:redgraphic:sapid_cms:1.2.3.02:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 14-02-2024 - 01:17)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

confirm

Last major update

14-02-2024 - 01:17

Published

05-12-2005 - 01:03

Last modified

14-02-2024 - 01:17