NVD

Id
70067  
Name
CVE-2005-4469  
Description
Multiple direct static code injection vulnerabilities in PHPGedView 3.3.7 and earlier allow remote attackers to execute arbitrary PHP code via (1) the username field in login.php, or the (2) user_language, (3) user_email, and (4) user_gedcomid parameters in login_register.php, which is directly inserted into authenticate.php.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-03  
Published
2005-12-21  
Modified Date
2011-03-07  
Seq
2005-4469  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
361632 70067 CVE-2005-4469 http://cvs.sourceforge.net/viewcvs.py/phpgedview/phpGedView/login_register.php?r1=1.71.2.35&r2=1.71.2.36  View
361633 70067 CVE-2005-4469 http://cvs.sourceforge.net/viewcvs.py/phpgedview/phpGedView/login_register.php?r1=1.71.2.36&r2=1.71.2.37  View
361634 70067 CVE-2005-4469 http://rgod.altervista.org/phpgedview_337_xpl.html  View
361635 70067 CVE-2005-4469 1015395  View
361636 70067 CVE-2005-4469 20051220 PHPGedView <= 3.3.7 remote code execution  View
361637 70067 CVE-2005-4469 15983  View
361638 70067 CVE-2005-4469 ADV-2005-3033  View
361639 70067 CVE-2005-4469 phpgedview-multi-field-xss(23873)  View
361640 70067 CVE-2005-4469 https://sourceforge.net/tracker/index.php?func=detail&aid=1386434&group_id=55456&atid=477081  View

Related JVN