Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2005-2781

Опубликовано: 02 сент. 2005
Источник: nvd
CVSS2: 7.5
EPSS Низкий

Описание

The Avatar upload feature in FUD Forum before 2.7.0 does not properly verify uploaded files, which allows remote attackers to execute arbitrary PHP code via a file with a .php extension that contains image data followed by PHP code.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ilia_alshanetsky:fudforum:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.3.4:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.3.5:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.3.6:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.3.7:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.3.8:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.0:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.3:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.4:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.5:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.6:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.7:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.8:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.9:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.10:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.11:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.12:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.13:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.14:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.15:*:*:*:*:*:*:*
cpe:2.3:a:ilia_alshanetsky:fudforum:2.7.0:*:*:*:*:*:*:*

EPSS

Процентиль: 79%
0.01269
Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

ubuntu логотип

CVE-2005-2781

ubuntu
около 20 лет назад

The Avatar upload feature in FUD Forum before 2.7.0 does not properly verify uploaded files, which allows remote attackers to execute arbitrary PHP code via a file with a .php extension that contains image data followed by PHP code.

debian логотип

CVE-2005-2781

debian
около 20 лет назад

The Avatar upload feature in FUD Forum before 2.7.0 does not properly ...

github логотип

GHSA-m2hw-cx9w-5jj2

github
больше 3 лет назад

The Avatar upload feature in FUD Forum before 2.7.0 does not properly verify uploaded files, which allows remote attackers to execute arbitrary PHP code via a file with a .php extension that contains image data followed by PHP code.

EPSS

Процентиль: 79%
0.01269
Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other