CyberSec.Space Logo
Back to CVE Browser

CVE-2005-4006

HIGH
7.5
CVSS Severity Score
EPSS Score0.0980%
EPSS Percentile3.63th
PublishedDec 5, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

SAPID CMS before 1.2.3.03 allows remote attackers to bypass authentication via direct requests to the usr/system files (1) insert_file.php, (2) insert_image.php, (3) insert_link.php, (4) insert_qcfile.php, and (5) edit.php.

Affected Platforms (CPE)

πŸ“¦
Redgraphic

Sapid Cms

<= 1.2.3.02
πŸ“¦
Redgraphic

Sapid Cms

= 1.2.3
πŸ“¦
Redgraphic

Sapid Cms

= 1.2.3
πŸ“¦
Redgraphic

Sapid Cms

= 1.2.3
πŸ“¦
Redgraphic

Sapid Cms

= 1.2.3
πŸ“¦
Redgraphic

Sapid Cms

= 1.2.3

References & Advisories

πŸ”— http://sapid-club.com/en/viewtopic.php?p=586#586
πŸ”— http://secunia.com/advisories/17859
πŸ”— http://sourceforge.net/project/shownotes.php?release_id=375289&group_id=118100
πŸ”— http://www.osvdb.org/21389
πŸ”— http://www.securityfocus.com/bid/15689
πŸ”— http://www.vupen.com/english/advisories/2005/2703
πŸ”— http://sapid-club.com/en/viewtopic.php?p=586#586
πŸ”— http://secunia.com/advisories/17859

Related Vulnerabilities

CVE-2005-400710.0

Multiple unspecified vulnerabilities in SAPID CMS before 1.2.3.03, related to newly registered users and possibly authorization ch...

CVE-2006-40267.5

PHP remote file inclusion vulnerability in SAPID CMS 123 rc3 allows remote attackers to execute arbitrary PHP code via a URL in th...

CVE-2012-52937.5

Multiple PHP remote file inclusion vulnerabilities in SAPID CMS 1.2.3 Stable allow remote attackers to execute arbitrary PHP code ...

CVE-2007-50566.8

Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made S...