CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-2252

PhpAuction 2.5 allows remote attackers to bypass authentication and gain privileges as another user by setting the PHPAUCTION_RM_ID cookie to the user ID.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.7%

CVSS Severity

CVSS v2 Score 7.5

References

http://secunia.com/advisories/15967
http://securitytracker.com/id?1014423
http://secunia.com/advisories/15967
http://securitytracker.com/id?1014423

Products affected by CVE-2005-2252

Gianluca Baldo » Phpauction » Version: 2.5

cpe:2.3:a:gianluca_baldo:phpauction:2.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-2252

Products

Pricing

Contact Us