Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
4 vulnerabilities by sandbox
CVE-2008-5694 (GCVE-0-2008-5694)
Vulnerability from nvd – Published: 2008-12-19 18:00 – Updated: 2024-08-07 11:04
VLAI
EPSS
VEX
Summary
PHP remote file inclusion vulnerability in lib/jpgraph/jpgraph_errhandler.inc.php in Sandbox 1.4.1 might allow remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: the issue, if any, may be located in Aditus JpGraph rather than Sandbox. If so, then this should not be treated as an issue in Sandbox.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.by-f10.com/bug.txt | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/487903/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2008-02-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:04:43.822Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "sandbox-errhandler-file-include(47688)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47688"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.by-f10.com/bug.txt"
},
{
"name": "20080210 hi",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/487903/100/200/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in lib/jpgraph/jpgraph_errhandler.inc.php in Sandbox 1.4.1 might allow remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: the issue, if any, may be located in Aditus JpGraph rather than Sandbox. If so, then this should not be treated as an issue in Sandbox."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "sandbox-errhandler-file-include(47688)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47688"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.by-f10.com/bug.txt"
},
{
"name": "20080210 hi",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/487903/100/200/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5694",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in lib/jpgraph/jpgraph_errhandler.inc.php in Sandbox 1.4.1 might allow remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: the issue, if any, may be located in Aditus JpGraph rather than Sandbox. If so, then this should not be treated as an issue in Sandbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "sandbox-errhandler-file-include(47688)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47688"
},
{
"name": "http://www.by-f10.com/bug.txt",
"refsource": "MISC",
"url": "http://www.by-f10.com/bug.txt"
},
{
"name": "20080210 hi",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487903/100/200/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5694",
"datePublished": "2008-12-19T18:00:00.000Z",
"dateReserved": "2008-12-19T00:00:00.000Z",
"dateUpdated": "2024-08-07T11:04:43.822Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2449 (GCVE-0-2005-2449)
Vulnerability from nvd – Published: 2005-08-03 04:00 – Updated: 2024-08-07 22:30
VLAI
EPSS
VEX
Summary
Race condition in sandbox before 1.2.11 allows local users to create or overwrite arbitrary files via symlink attack on sandboxpids.tmp.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.gentoo.org/security/en/glsa/glsa-20050… | vendor-advisoryx_refsource_GENTOO |
| http://secunia.com/advisories/16214 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://bugs.gentoo.org/show_bug.cgi?id=96782 | x_refsource_MISC |
| http://securitytracker.com/id?1014574 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/14375 | vdb-entryx_refsource_BID |
Date Public
2005-07-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:30:00.855Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200507-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200507-22.xml"
},
{
"name": "16214",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16214"
},
{
"name": "sandbox-race-condition(21519)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21519"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=96782"
},
{
"name": "1014574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1014574"
},
{
"name": "14375",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14375"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-07-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Race condition in sandbox before 1.2.11 allows local users to create or overwrite arbitrary files via symlink attack on sandboxpids.tmp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200507-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200507-22.xml"
},
{
"name": "16214",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16214"
},
{
"name": "sandbox-race-condition(21519)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21519"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=96782"
},
{
"name": "1014574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1014574"
},
{
"name": "14375",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14375"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2449",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in sandbox before 1.2.11 allows local users to create or overwrite arbitrary files via symlink attack on sandboxpids.tmp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200507-22",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200507-22.xml"
},
{
"name": "16214",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16214"
},
{
"name": "sandbox-race-condition(21519)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21519"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=96782",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=96782"
},
{
"name": "1014574",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014574"
},
{
"name": "14375",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14375"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2449",
"datePublished": "2005-08-03T04:00:00.000Z",
"dateReserved": "2005-08-03T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:30:00.855Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5694 (GCVE-0-2008-5694)
Vulnerability from cvelistv5 – Published: 2008-12-19 18:00 – Updated: 2024-08-07 11:04
VLAI
EPSS
VEX
Summary
PHP remote file inclusion vulnerability in lib/jpgraph/jpgraph_errhandler.inc.php in Sandbox 1.4.1 might allow remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: the issue, if any, may be located in Aditus JpGraph rather than Sandbox. If so, then this should not be treated as an issue in Sandbox.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.by-f10.com/bug.txt | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/487903/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2008-02-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:04:43.822Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "sandbox-errhandler-file-include(47688)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47688"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.by-f10.com/bug.txt"
},
{
"name": "20080210 hi",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/487903/100/200/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in lib/jpgraph/jpgraph_errhandler.inc.php in Sandbox 1.4.1 might allow remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: the issue, if any, may be located in Aditus JpGraph rather than Sandbox. If so, then this should not be treated as an issue in Sandbox."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "sandbox-errhandler-file-include(47688)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47688"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.by-f10.com/bug.txt"
},
{
"name": "20080210 hi",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/487903/100/200/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5694",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in lib/jpgraph/jpgraph_errhandler.inc.php in Sandbox 1.4.1 might allow remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: the issue, if any, may be located in Aditus JpGraph rather than Sandbox. If so, then this should not be treated as an issue in Sandbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "sandbox-errhandler-file-include(47688)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47688"
},
{
"name": "http://www.by-f10.com/bug.txt",
"refsource": "MISC",
"url": "http://www.by-f10.com/bug.txt"
},
{
"name": "20080210 hi",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487903/100/200/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5694",
"datePublished": "2008-12-19T18:00:00.000Z",
"dateReserved": "2008-12-19T00:00:00.000Z",
"dateUpdated": "2024-08-07T11:04:43.822Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2449 (GCVE-0-2005-2449)
Vulnerability from cvelistv5 – Published: 2005-08-03 04:00 – Updated: 2024-08-07 22:30
VLAI
EPSS
VEX
Summary
Race condition in sandbox before 1.2.11 allows local users to create or overwrite arbitrary files via symlink attack on sandboxpids.tmp.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.gentoo.org/security/en/glsa/glsa-20050… | vendor-advisoryx_refsource_GENTOO |
| http://secunia.com/advisories/16214 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://bugs.gentoo.org/show_bug.cgi?id=96782 | x_refsource_MISC |
| http://securitytracker.com/id?1014574 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/14375 | vdb-entryx_refsource_BID |
Date Public
2005-07-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:30:00.855Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200507-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200507-22.xml"
},
{
"name": "16214",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16214"
},
{
"name": "sandbox-race-condition(21519)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21519"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=96782"
},
{
"name": "1014574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1014574"
},
{
"name": "14375",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14375"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-07-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Race condition in sandbox before 1.2.11 allows local users to create or overwrite arbitrary files via symlink attack on sandboxpids.tmp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200507-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200507-22.xml"
},
{
"name": "16214",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16214"
},
{
"name": "sandbox-race-condition(21519)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21519"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=96782"
},
{
"name": "1014574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1014574"
},
{
"name": "14375",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14375"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2449",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in sandbox before 1.2.11 allows local users to create or overwrite arbitrary files via symlink attack on sandboxpids.tmp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200507-22",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200507-22.xml"
},
{
"name": "16214",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16214"
},
{
"name": "sandbox-race-condition(21519)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21519"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=96782",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=96782"
},
{
"name": "1014574",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014574"
},
{
"name": "14375",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14375"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2449",
"datePublished": "2005-08-03T04:00:00.000Z",
"dateReserved": "2005-08-03T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:30:00.855Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}