PT-2005-5145 · Tolva · Tolva Php Website System

Beford

Publicado

2005-12-21

Atualizado

2018-10-19

CVE-2005-4462

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Tolva PHP website system version 0.1.0

Description The issue allows remote attackers to execute arbitrary code via a URL in the ROOT parameter in the usermods.php file. This enables attackers to potentially gain control over the system.

Recommendations For Tolva PHP website system version 0.1.0, consider restricting access to the usermods.php file and avoid using the ROOT parameter in URLs until a patch is available. As a temporary workaround, restrict the use of the ROOT parameter to minimize the risk of exploitation.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-4462

Produtos afetados

Tolva Php Website System

PT-2005-5145 · Tolva · Tolva Php Website System

CVE-2005-4462

Identificadores relacionados

Produtos afetados

Referências · 5