CVEブラウザに戻る

CVE-2005-2290

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1230%

EPSS Percentile19.69th

Published2005年7月18日

Last Modified2026年4月16日

Vulnerability Description

wps_shop.cgi in WPS Web Portal System 0.7.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) art and (2) cat variables.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=112128870110418&w=2

🔗 http://secunia.com/advisories/15780

🔗 http://securitytracker.com/id?1014480

🔗 http://www.securityfocus.com/bid/14245

🔗 http://marc.info/?l=bugtraq&m=112128870110418&w=2

🔗 http://secunia.com/advisories/15780

🔗 http://securitytracker.com/id?1014480

🔗 http://www.securityfocus.com/bid/14245

関連する脆弱性情報

CVE-2005-266910.0

Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows remote at...

CVE-2005-089210.0

Buffer overflow in smail 3.2.0.120 allows remote attackers or local users to execute arbitrary code via a long string in the MAIL ...

CVE-2005-266810.0

Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before...

CVE-2005-041710.0

Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. NOTE: due to t...