CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2005-4006

HIGH
7.5
CVSS Severity Score
EPSS Score0.0980%
EPSS Percentile3.63th
Published2005年12月5日
Last Modified2026年4月16日

Vulnerability Description

SAPID CMS before 1.2.3.03 allows remote attackers to bypass authentication via direct requests to the usr/system files (1) insert_file.php, (2) insert_image.php, (3) insert_link.php, (4) insert_qcfile.php, and (5) edit.php.

Affected Platforms (CPE)

📦
Redgraphic

Sapid Cms

<= 1.2.3.02
📦
Redgraphic

Sapid Cms

= 1.2.3
📦
Redgraphic

Sapid Cms

= 1.2.3
📦
Redgraphic

Sapid Cms

= 1.2.3
📦
Redgraphic

Sapid Cms

= 1.2.3
📦
Redgraphic

Sapid Cms

= 1.2.3

References & Advisories

🔗 http://sapid-club.com/en/viewtopic.php?p=586#586
🔗 http://secunia.com/advisories/17859
🔗 http://sourceforge.net/project/shownotes.php?release_id=375289&group_id=118100
🔗 http://www.osvdb.org/21389
🔗 http://www.securityfocus.com/bid/15689
🔗 http://www.vupen.com/english/advisories/2005/2703
🔗 http://sapid-club.com/en/viewtopic.php?p=586#586
🔗 http://secunia.com/advisories/17859

相關漏洞威脅

CVE-2005-400710.0

Multiple unspecified vulnerabilities in SAPID CMS before 1.2.3.03, related to newly registered users and possibly authorization ch...

CVE-2006-40267.5

PHP remote file inclusion vulnerability in SAPID CMS 123 rc3 allows remote attackers to execute arbitrary PHP code via a URL in th...

CVE-2012-52937.5

Multiple PHP remote file inclusion vulnerabilities in SAPID CMS 1.2.3 Stable allow remote attackers to execute arbitrary PHP code ...

CVE-2007-50566.8

Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made S...