CVE-2005-4593

PHP remote file inclusion vulnerability in phpDocumentor 1.3.0 rc4 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary code via a URL in the (1) FORUM[LIB] parameter in Documentation/tests/bug-559668.php and (2) the root_dir parameter in docbuilder/file_dialog.php.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:joshua_eichorn:phpdocumentor:1.2:*:*:*:*:*:*:*
cpe:2.3:a:joshua_eichorn:phpdocumentor:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:joshua_eichorn:phpdocumentor:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:joshua_eichorn:phpdocumentor:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:joshua_eichorn:phpdocumentor:1.3_rc3:*:*:*:*:*:*:*
cpe:2.3:a:joshua_eichorn:phpdocumentor:1.3_rc4:*:*:*:*:*:*:*

History

21 Nov 2024, 00:04

Type Values Removed Values Added
References () http://rgod.altervista.org/phpdocumentor_130rc4_incl_expl.html - Exploit () http://rgod.altervista.org/phpdocumentor_130rc4_incl_expl.html - Exploit
References () http://secunia.com/advisories/18248 - () http://secunia.com/advisories/18248 -
References () http://securityreason.com/securityalert/303 - () http://securityreason.com/securityalert/303 -
References () http://securitytracker.com/id?1015423 - () http://securitytracker.com/id?1015423 -
References () http://www.osvdb.org/22114 - () http://www.osvdb.org/22114 -
References () http://www.osvdb.org/22115 - () http://www.osvdb.org/22115 -
References () http://www.securityfocus.com/archive/1/420441/100/0/threaded - () http://www.securityfocus.com/archive/1/420441/100/0/threaded -
References () http://www.securityfocus.com/bid/16080 - Exploit () http://www.securityfocus.com/bid/16080 - Exploit
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/23902 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/23902 -

Information

Published : 2005-12-31 05:00

Updated : 2025-04-03 01:03


NVD link : CVE-2005-4593

Mitre link : CVE-2005-4593

CVE.ORG link : CVE-2005-4593


JSON object : View

Products Affected

joshua_eichorn

  • phpdocumentor