Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2400

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-2400
Last Modified 07 Mar 2011 09:24:25
Published 27 Jul 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2400

Summary

The inc.login.php scripts in PHPFinance 0.3 allows remote attackers to bypass the login and gain privileges.

Vulnerable Systems

Application

  • Phpfinance 0.3


References

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=343135

VUPEN - ADV-2005-1133

CONFIRM - http://cvs.sourceforge.net/viewcvs.py/phpfinance/phpfinance/inc.login.php?rev=1.2&view=log

CONFIRM - http://cvs.sourceforge.net/viewcvs.py/phpfinance/phpfinance/inc.conf.php?rev=1.2&view=log

XF - phpfinance-logon-bypass(21426)

BID - 14322

SECUNIA - 13276


Last Updated: 27 May 2016 10:40:30