CyberSec.Space Logo
Back to CVE Browser

CVE-2005-2257

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1080%
EPSS Percentile9.72th
PublishedJul 13, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

The saveProfile function in PhpSlash 0.8.0 allows remote attackers to modify arbitrary profiles and gain privileges by modifying the author_id parameter.

Affected Platforms (CPE)

πŸ“¦
Phpslash

Phpslash

= 0.8.0

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=112076117708139&w=2
πŸ”— http://secunia.com/advisories/15936
πŸ”— http://securitytracker.com/id?1014415
πŸ”— http://marc.info/?l=bugtraq&m=112076117708139&w=2
πŸ”— http://secunia.com/advisories/15936
πŸ”— http://securitytracker.com/id?1014415

Related Vulnerabilities

CVE-2009-051710.0

Eval injection vulnerability in index.php in phpSlash 0.8.1.1 and earlier allows remote attackers to execute arbitrary PHP code vi...

CVE-2005-44797.5

SQL injection vulnerability in article.php in phpSlash 0.8.1 and earlier allows remote attackers to execute arbitrary SQL commands...

CVE-2001-13345.0

Block_render_url.class in PHPSlash 0.6.1 allows remote attackers with PHPSlash administrator privileges to read arbitrary files by...

CVE-2005-266810.0

Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before...