CVE-2005-4653

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2005-4653
Unspecified vulnerability in ss.php in AL-Caricatier 2.5 and earlier allows remote attackers to bypass login authentication by requesting view_caricatier.php, and then requesting any file in the admin directory with a cookie_username=admin argument.

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References
Link Resource
http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0483.html Exploit
http://www.securityfocus.com/bid/15162
http://secunia.com/advisories/17292 Vendor Advisory
http://www.vupen.com/english/advisories/2005/2181
https://exchange.xforce.ibmcloud.com/vulnerabilities/22840
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:al-caricatier:al-caricatier:1.0:*:*:*:*:*:*:*
cpe:2.3:a:al-caricatier:al-caricatier:2.5:*:*:*:*:*:*:*
Information

Published : 2005-12-30 21:00

Updated : 2017-07-19 18:29

NVD link : CVE-2005-4653

Mitre link : CVE-2005-4653

JSON object : View

CWE
NVD-CWE-Other
Advertisement

dedicated server usa
Products Affected

al-caricatier

  • al-caricatier