CyberSec.Space Logo
CVEブラウザに戻る

CVE-2005-4007

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1980%
EPSS Percentile16.81th
Published2005年12月5日
Last Modified2026年4月16日

Vulnerability Description

Multiple unspecified vulnerabilities in SAPID CMS before 1.2.3.03, related to newly registered users and possibly authorization checks, have unknown impact and attack vectors involving (1) mvc/controller/user_request_analysis.inc.php and (2) usr/xml/ddc/authorization.xml.

Affected Platforms (CPE)

📦
Redgraphic

Sapid Cms

<= 1.2.3.02
📦
Redgraphic

Sapid Cms

= 1.2.3
📦
Redgraphic

Sapid Cms

= 1.2.3
📦
Redgraphic

Sapid Cms

= 1.2.3
📦
Redgraphic

Sapid Cms

= 1.2.3
📦
Redgraphic

Sapid Cms

= 1.2.3

References & Advisories

🔗 http://sapid-club.com/en/viewtopic.php?p=586#586
🔗 http://sourceforge.net/project/shownotes.php?release_id=375289&group_id=118100
🔗 http://sapid-club.com/en/viewtopic.php?p=586#586
🔗 http://sourceforge.net/project/shownotes.php?release_id=375289&group_id=118100

関連する脆弱性情報

CVE-2005-40067.5

SAPID CMS before 1.2.3.03 allows remote attackers to bypass authentication via direct requests to the usr/system files (1) insert_...

CVE-2006-40267.5

PHP remote file inclusion vulnerability in SAPID CMS 123 rc3 allows remote attackers to execute arbitrary PHP code via a URL in th...

CVE-2012-52937.5

Multiple PHP remote file inclusion vulnerabilities in SAPID CMS 1.2.3 Stable allow remote attackers to execute arbitrary PHP code ...

CVE-2007-50566.8

Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made S...