CVE-2005-1181

EPSS 5.38%
Published 02.05.2005 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

NOTE: this issue has been disputed by the vendor.  PHP remote code injection vulnerability in loader.php for Ariadne CMS 2.4 allows remote attackers to execute arbitrary PHP code by modifying the ariadne parameter to reference a URL on a remote web server that contains the code.  NOTE: the vendor has disputed this issue, saying that loader.php first requires the "ariadne.inc" file, which defines the $ariadne variable, and thus it cannot be modified by an attacker. In addition, CVE personnel have partially verified the dispute via source code inspection of Ariadne 2.4 as available on July 5, 2005

Affected products Warnungen 0 Metrics 2 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Ariadne ≫ Ariadne Cms Version2.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	5.38%	0.897

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://securitytracker.com/id?1013721

http://www.osvdb.org/15549

https://exchange.xforce.ibmcloud.com/vulnerabilities/20611

https://nvd.nist.gov/vuln/detail/CVE-2005-1181

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-1181

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-1181

EUVD