CyberSec.Space Logo
返回 CVE 浏览器

CVE-2005-2257

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1080%
EPSS Percentile9.72th
Published2005年7月13日
Last Modified2026年4月16日

Vulnerability Description

The saveProfile function in PhpSlash 0.8.0 allows remote attackers to modify arbitrary profiles and gain privileges by modifying the author_id parameter.

Affected Platforms (CPE)

📦
Phpslash

Phpslash

= 0.8.0

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=112076117708139&w=2
🔗 http://secunia.com/advisories/15936
🔗 http://securitytracker.com/id?1014415
🔗 http://marc.info/?l=bugtraq&m=112076117708139&w=2
🔗 http://secunia.com/advisories/15936
🔗 http://securitytracker.com/id?1014415

相关漏洞威胁

CVE-2009-051710.0

Eval injection vulnerability in index.php in phpSlash 0.8.1.1 and earlier allows remote attackers to execute arbitrary PHP code vi...

CVE-2005-44797.5

SQL injection vulnerability in article.php in phpSlash 0.8.1 and earlier allows remote attackers to execute arbitrary SQL commands...

CVE-2001-13345.0

Block_render_url.class in PHPSlash 0.6.1 allows remote attackers with PHPSlash administrator privileges to read arbitrary files by...

CVE-2005-063510.0

Buffer overflow in Foxmail Server 2.0 allows remote attackers to execute arbitrary code via a long USER command.