CVE-2005-2154

Sažetak

PHP local file inclusion vulnerability in (1) view.php and (2) open.php in osTicket 1.3.1 beta and earlier allows remote attackers to include and possibly execute arbitrary local files via the inc parameter.

Reference

http://seclists.org/lists/bugtraq/2005/Jul/0009.html
http://securitytracker.com/id?1014373
http://www.securityfocus.com/bid/14127

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

05-09-2008 - 20:51

Objavljeno

06-07-2005 - 04:00