Published: 31/12/2003 Updated: 19/10/2018

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 685

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Subscribe to Gonicus System Administration

PHP remote file inclusion vulnerability in index.php for GONiCUS System Administrator (GOsa) 1.0 allows remote malicious users to execute arbitrary PHP code via the plugin parameter to (1) 3fax/1blocklists/index.php; (2) 6departamentadmin/index.php, (3) 5terminals/index.php, (4) 4mailinglists/index.php, (5) 3departaments/index.php, and (6) 2groupd/index.php in 2administration/; or (7) the base parameter to include/help.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gonicus gonicus system administration 1.0

source: wwwsecurityfocuscom/bid/6922/info GONiCUS System Administrator is prone to an issue that may allow remote attackers to include files located on remote servers This issue is present in several PHP pages existing in the /plugins and /includes folders By crafting specific URI parameters it is possible for an attacker to influence ...

CWE-94 http://lists.grok.org.uk/pipermail/full-disclosure/2003-February/003932.html http://www.securityfocus.com/bid/6922 http://www.securitytracker.com/id?1006162 http://secunia.com/advisories/8120 https://exchange.xforce.ibmcloud.com/vulnerabilities/11408 http://www.securityfocus.com/archive/1/313282/30/25760/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/22279/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2003-1412

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect