Vulnerability Details CVE-2005-3554
Multiple eval injection vulnerabilities in the help function in PHPKIT 1.6.1 R2 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary code on the server via unknown attack vectors involving uninitialized variables.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.051
EPSS Ranking 89.5%
CVSS Severity
CVSS v2 Score 5.1
References
- http://cert.uni-stuttgart.de/archive/bugtraq/2005/11/msg00110.html
- http://secunia.com/advisories/17479
- http://securitytracker.com/id?1015167
- http://www.hardened-php.net/advisory_212005.80.html
- http://www.osvdb.org/20563
- http://www.securityfocus.com/bid/15354
- http://www.vupen.com/english/advisories/2005/2344
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23015
- http://cert.uni-stuttgart.de/archive/bugtraq/2005/11/msg00110.html
- http://secunia.com/advisories/17479
- http://securitytracker.com/id?1015167
- http://www.hardened-php.net/advisory_212005.80.html
- http://www.osvdb.org/20563
- http://www.securityfocus.com/bid/15354
- http://www.vupen.com/english/advisories/2005/2344
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23015