CVE Vulnerabilities

CVE-2005-4174

Published: Dec 11, 2005 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

eFiction 1.0, 1.1, and 2.0, in unspecified environments, might allow remote attackers to conduct unauthorized operations by directly accessing (1) install.php or (2) upgrade.php. NOTE: it is unclear whether this is a vulnerability in eFiction itself or the result of incorrect system administration practices, e.g. by not removing utility scripts once they have been used.

Affected Software

Name Vendor Start Version End Version
Efiction Efiction_project 2.0 2.0
Efiction Efiction_project 1.0 1.0
Efiction Efiction_project 1.1 1.1

References