Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0429

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-0429
Last Modified 05 Sep 2008 04:46:15
Published 02 May 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0429

Summary

Direct code injection vulnerability in forumdisplay.php in vBulletin 3.0 through 3.0.4, when showforumusers is enabled, allows remote attackers to execute inject arbitrary PHP commands via the comma parameter.

Vulnerable Systems

Application

  • Jelsoft Vbulletin 3.0

  • Jelsoft Vbulletin 3.0.1

  • Jelsoft Vbulletin 3.0.2

  • Jelsoft Vbulletin 3.0.3

  • Jelsoft Vbulletin 3.0.4


References

BUGTRAQ - 20050213 vbulletin 3.0.x PHP code execution

BID - 12542


Last Updated: 27 May 2016 10:39:48