CVE-2015-0850

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0420%

EPSS Percentile22.06th

PublishedJun 2, 2015

Last ModifiedMay 6, 2026

Vulnerability Description

The Git plugin for FusionForge before 6.0rc4 allows remote attackers to execute arbitrary code via an unspecified parameter when creating a secondary Git repository.

Affected Platforms (CPE)

📦

Fusionforge

<= 6.0

References & Advisories

🔗 http://www.debian.org/security/2015/dsa-3275

🔗 https://fusionforge.org/forum/forum.php?forum_id=41

🔗 http://www.debian.org/security/2015/dsa-3275

🔗 https://fusionforge.org/forum/forum.php?forum_id=41

Related Vulnerabilities

CVE-2014-04689.8

Vulnerability in fusionforge in the shipped Apache configuration, where the web server may execute scripts that the users would h...

CVE-2013-14236.9

(1) contrib/gforge-3.0-cronjobs.patch, (2) cronjobs/homedirs.php, (3) deb-specific/fileforge.pl, (4) deb-specific/group_dump_updat...

CVE-2014-62755.9

FusionForge before 5.3.2 use scripts that run under the shared Apache user, which is also used by project homepages by default. If...

CVE-2015-476010.0

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and...