7.5

CVE-2005-1047

EPSS 0.98%
Published 07.04.2005 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Meilad File upload script (up.php) mod for phpBB 2.0.x does not properly limit the types of files that can be uploaded, which allows remote authenticated users to execute arbitrary commands by uploading PHP files, then directly requesting them from the uploads directory.

Affected products Warnungen 0 Metrics 2 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Phpbb Group ≫ Phpbb Version2.0.0

Phpbb Group ≫ Phpbb Version2.0.1

Phpbb Group ≫ Phpbb Version2.0.2

Phpbb Group ≫ Phpbb Version2.0.3

Phpbb Group ≫ Phpbb Version2.0.4

Phpbb Group ≫ Phpbb Version2.0.5

Phpbb Group ≫ Phpbb Version2.0.6

Phpbb Group ≫ Phpbb Version2.0.6c

Phpbb Group ≫ Phpbb Version2.0.6d

Phpbb Group ≫ Phpbb Version2.0.7

Phpbb Group ≫ Phpbb Version2.0.7a

Phpbb Group ≫ Phpbb Version2.0.8

Phpbb Group ≫ Phpbb Version2.0.8a

Phpbb Group ≫ Phpbb Version2.0.9

Phpbb Group ≫ Phpbb Version2.0.10

Phpbb Group ≫ Phpbb Version2.0.11

Phpbb Group ≫ Phpbb Version2.0.12

Phpbb Group ≫ Phpbb Version2.0.13

Phpbb Group ≫ Phpbb Version2.0.14

Phpbb Group ≫ Phpbb Version2.0_beta1

Phpbb Group ≫ Phpbb Version2.0_rc1

Phpbb Group ≫ Phpbb Version2.0_rc2

Phpbb Group ≫ Phpbb Version2.0_rc3

Phpbb Group ≫ Phpbb Version2.0_rc4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.98%	0.747

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://marc.info/?l=bugtraq&m=111299353030534&w=2

http://securitytracker.com/id?1013671

Vendor Advisory

http://www.defacers.com.mx/advisories/2.txt

URL Repurposed

https://nvd.nist.gov/vuln/detail/CVE-2005-1047

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-1047

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-1047

EUVD