Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2846

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-2846
Last Modified 05 Sep 2008 04:52:49
Published 08 Sep 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2846

Summary

PHP remote file inclusion vulnerability in lang.php in CMS Made Simple 0.10 and earlier allows remote attackers to execute arbitrary PHP code via the nls[file][vx][vxsfx] parameter.

Vulnerable Systems

Application

  • Cmsmadesimple Cms Made Simple 0.10


References

SECUNIA - 16654

CONFIRM - http://forum.cmsmadesimple.org/index.php/topic,1549.0.html

BID - 14709

BUGTRAQ - 20050831 CMS Made Simple <= 0.10 - PHP injection


Last Updated: 27 May 2016 10:40:40