7.5
CVE-2005-0685
- EPSS 1.55%
- Veröffentlicht 08.03.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:11:34
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple access validation errors in OutStart Participate Enterprise (PE) allow remote attackers to (1) browse arbitrary directory trees by modifying the rootFolder parameter to displaynavigator.jsp, (2) rename arbitrary directory objects by modifying the selectedObject parameter to renamepopup.jsp, (3) delete arbitrary directory objects by modifying the selectedObjectsCSV parameter to displaydeletenavigator.jsp, and conduct other unauthorized activities via the (4) showDeleteView, (5) showWebFolderView, (6) showLibraryView, (7) showMyLibraryView, (8) singleSelectObject, (9) processRadioSelection, (10) processCheckboxSelection, (11) singleSelectObject, (12) addToSelectedObjects, or (13) removeFromSelectedObjects commands.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Outstart ≫ Participate Enterprise Version3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.55% | 0.718 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/14542
http://security.honour.ca/outstartpsi.txt
http://www.securityfocus.com/archive/1/392623
http://www.securityfocus.com/bid/12752
https://exchange.xforce.ibmcloud.com/vulnerabilities/19632