Back to search
CVE-2005-3519
Published: Nov 6, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple PHP file inclusion vulnerabilities in MySource 2.14.0 allow remote attackers to execute arbitrary PHP code and include arbitrary local files via the (1) INCLUDE_PATH and (2) SQUIZLIB_PATH parameters in new_upgrade_functions.php, (3) the INCLUDE_PATH parameter in init_mysource.php, and the PEAR_PATH parameter in (4) Socket.php, (5) Request.php, (6) Mail.php, (7) Date.php, (8) Span.php, (9) mimeDecode.php, and (10) mime.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
92
third-party-advisory
x_refsource_SREASON
20039
vdb-entry
x_refsource_OSVDB
20037
vdb-entry
x_refsource_OSVDB
20051018 Secunia Research: MySource Cross-Site Scripting and File Inclusion
mailing-list
x_refsource_BUGTRAQ
20036
vdb-entry
x_refsource_OSVDB
mysource-multiple-file-include(22772)
vdb-entry
x_refsource_XF
16946
third-party-advisory
x_refsource_SECUNIA
20040
vdb-entry
x_refsource_OSVDB
ADV-2005-2132
vdb-entry
x_refsource_VUPEN
15133
vdb-entry
x_refsource_BID
1015075
vdb-entry
x_refsource_SECTRACK
20038
vdb-entry
x_refsource_OSVDB
20041
vdb-entry
x_refsource_OSVDB
20035
vdb-entry
x_refsource_OSVDB
20042
vdb-entry
x_refsource_OSVDB
20043
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now