Published: 02/05/2005 Updated: 11/04/2024

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

NOTE: this issue has been disputed by the vendor. PHP remote code injection vulnerability in loader.php for Ariadne CMS 2.4 allows remote malicious users to execute arbitrary PHP code by modifying the ariadne parameter to reference a URL on a remote web server that contains the code. NOTE: the vendor has disputed this issue, saying that loader.php first requires the "ariadne.inc" file, which defines the $ariadne variable, and thus it cannot be modified by an attacker. In addition, CVE personnel have partially verified the dispute via source code inspection of Ariadne 2.4 as available on July 5, 2005

Vulnerable Product	Search on Vulmon	Subscribe to Product
ariadne ariadne cms 2.4

source: wwwsecurityfocuscom/bid/13206/info A remote file include vulnerability affects Ariadne CMS This issue is due to a failure of the application to validate critical parameters before using them in a 'require_once()' function call An attacker may leverage this issue to execute arbitrary server-side script code on an affected comput ...

NVD-CWE-Other http://www.osvdb.org/15549 http://securitytracker.com/id?1013721 https://exchange.xforce.ibmcloud.com/vulnerabilities/20611 https://nvd.nist.gov https://www.exploit-db.com/exploits/25431/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-1181

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect