exploitDog

CVE-2005-2559

Опубликовано: 16 авг. 2005

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

doping.php in ePing plugin 1.02 and earlier for e107 portal allows remote attackers to execute arbitrary code or overwrite files via (1) shell metacharacters in the eping_count parameter or (2) restricted shell metacharacters such as ">" and "&" in the eping_host parameter, which is not handled by the validation function.

Ссылки

http://e107plugins.co.uk/news.php
Patch
URL Repurposed
http://marc.info/?l=bugtraq&m=112328161319148&w=2
http://e107plugins.co.uk/news.php
Patch
URL Repurposed
http://marc.info/?l=bugtraq&m=112328161319148&w=2

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:e107:e107:*:*:*:*:*:*:*:*

EPSS

Процентиль: 83%

0.01841

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-x49g-8r9p-vp7r

github

почти 4 года назад

doping.php in ePing plugin 1.02 and earlier for e107 portal allows remote attackers to execute arbitrary code or overwrite files via (1) shell metacharacters in the eping_count parameter or (2) restricted shell metacharacters such as ">" and "&" in the eping_host parameter, which is not handled by the validation function.

EPSS

Процентиль: 83%

0.01841

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other