TROYANOSYVIRUS
Back to CVEs

CVE-2005-0862

N/A

Description

Multiple PHP remote file inclusion vulnerabilities in PHPOpenChat 3.0.1 and earlier allow remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter to (1) poc_loginform.php or (2) phpbb/poc.php, the poc_root_path parameter to (3) phpbb/poc.php, (4) phpnuke/ENGLISH_poc.php, (5) phpnuke/poc.php, or (6) yabbse/poc.php, or (7) the sourcedir parameter to yabbse/poc.php.

CVE Details

CVSS v3.1 ScoreN/A
Published5/2/2005
Last Modified4/16/2026
Sourcenvd
Honeypot Sightings0

Affected Products

phpopenchat:phpopenchat

References

http://secunia.com/advisories/14600(cve@mitre.org)
http://securitytracker.com/id?1013434(cve@mitre.org)
http://www.albanianhaxorz.org/advisory/phpopenchaten.txt(cve@mitre.org)
http://www.osvdb.org/14807(cve@mitre.org)
http://www.osvdb.org/14808(cve@mitre.org)
http://www.osvdb.org/14809(cve@mitre.org)
http://www.securityfocus.com/archive/1/465237/100/0/threaded(cve@mitre.org)
http://www.securityfocus.com/bid/12817(cve@mitre.org)
http://www.zone-h.org/advisories/read/id=7310(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19721(cve@mitre.org)
http://secunia.com/advisories/14600(af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1013434(af854a3a-2127-422b-91ae-364da2661108)
http://www.albanianhaxorz.org/advisory/phpopenchaten.txt(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/14807(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/14808(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/14809(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/465237/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/12817(af854a3a-2127-422b-91ae-364da2661108)
http://www.zone-h.org/advisories/read/id=7310(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19721(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.