Vulnerability Details CVE-2005-2651
gorum/prod.php in Zorum 3.5 allows remote attackers to execute arbitrary code via shell metacharacters in the argv parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.117
EPSS Ranking 93.4%
CVSS Severity
CVSS v2 Score 7.5
References
- http://marc.info/?l=bugtraq&m=112438781604862&w=2
- http://rgod.altervista.org/zorum.html
- http://secunia.com/advisories/16504/
- http://securitytracker.com/id?1014725
- http://www.securityfocus.com/bid/14601
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21912
- http://marc.info/?l=bugtraq&m=112438781604862&w=2
- http://rgod.altervista.org/zorum.html
- http://secunia.com/advisories/16504/
- http://securitytracker.com/id?1014725
- http://www.securityfocus.com/bid/14601
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21912
Products affected by CVE-2005-2651
-
cpe:2.3:a:phpoutsourcing:zorum:3.5