Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2005-0859

EPSS 17.16% · P95
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2005-0859

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
PHP remote file inclusion vulnerability in CzarNews 1.13b allows remote attackers to execute arbitrary PHP code via the tpath parameter to (1) headlines.php or (2) news.php. NOTE: some sources have reported the "dir" parameter as being affected; however, this is likely a cut-and-paste error from the wrong section of the original vulnerability report. Also, the news.php version was later reported to be in 1.12 through 1.14.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
CzarNews远程文件包含漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
CzarNews 1.13b中存在PHP远程文件包含漏洞,远程攻击者可以通过传给(1)headlines.php或(2)news.php的参数来执行任意PHP代码。注:一些信息来源报告"dir"参数也受影响;然而,这可能是原始漏洞报告中错误章节中的剪切和粘贴错误。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2005-0859

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2005-0859

Please Login to view more intelligence information

Same Patch Batch · n/a · 2005-03-24 · 35 CVEs total

CVE-2005-0857CoolForum跨站脚本和SQL注入漏洞
CVE-2005-0849FUN labs多个远程拒绝服务漏洞
CVE-2005-0850FileZilla FTP Server多个远程拒绝服务漏洞
CVE-2005-0851FileZilla FTP Server多个远程拒绝服务漏洞
CVE-2005-0852Microsoft Windows原始IP over IP套接字本地拒绝服务漏洞
CVE-2005-0853Betaparticle Blog多个远程漏洞
CVE-2005-0854Betaparticle Blog多个远程漏洞
CVE-2005-0855CoolForum 0.8.1 beta漏洞
CVE-2005-0856CoolForum SQL注入漏洞
CVE-2005-0848FUN labs 游戏引擎多个远程拒绝服务漏洞
CVE-2005-0858CoolForum SQL注入漏洞
CVE-2005-0860TRG News Script远程文件包含漏洞
CVE-2005-0861DeleGate多个未明缓冲区溢出漏洞
CVE-2005-0862PHPOpenChat多个远程文件包含漏洞
CVE-2005-0863PHPOpenChat多个HTML注入漏洞
CVE-2005-0864三星DSL调制解调器多个远程安全漏洞
CVE-2005-0865三星DSL调制解调器多个远程安全漏洞
CVE-2005-0418Java Web Start远程代码注入漏洞
CVE-2001-1429Midnight Commander mcedit缓冲区溢出漏洞
CVE-2001-1430Cayman-DSL路由器不安全默认账户漏洞

Showing top 20 of 35 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2005-0859

No comments yet

Leave a comment