Vulnerability Details CVE-2005-2198
PHP remote file inclusion vulnerability in lang.php in SPiD before 1.3.1 allows remote attackers to execute arbitrary code via the lang_path parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.03
EPSS Ranking 86.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/16022
- http://securitytracker.com/id?1014437
- http://spid.adnx.net/index_en.html#log
- http://www.securityfocus.com/bid/14208
- http://secunia.com/advisories/16022
- http://securitytracker.com/id?1014437
- http://spid.adnx.net/index_en.html#log
- http://www.securityfocus.com/bid/14208
Products affected by CVE-2005-2198
-
cpe:2.3:a:spid:spid:1.0.1
-
cpe:2.3:a:spid:spid:1.0.3
-
cpe:2.3:a:spid:spid:1.0.4
-
cpe:2.3:a:spid:spid:1.1.0
-
cpe:2.3:a:spid:spid:1.2.0
-
cpe:2.3:a:spid:spid:1.2.1
-
cpe:2.3:a:spid:spid:1.2.2
-
cpe:2.3:a:spid:spid:1.2.3
-
cpe:2.3:a:spid:spid:1.3.0