CVE-2005-0795

Published Mar 14, 2005

Last updated 7 years ago

Overview

Description: HolaCMS 1.4.9 does not restrict file access to the holaDB/votes directory, which allows remote attackers to overwrite arbitrary files via a modified vote_filename parameter.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:hola:holacms:1.2.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CE77009-C449-4C27-8ED1-54536C868BF0"
          },
          {
            "criteria": "cpe:2.3:a:hola:holacms:1.2.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D2C59F32-C782-41AB-BBCD-14AE00622251"
          },
          {
            "criteria": "cpe:2.3:a:hola:holacms:1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BDFA2FB3-988C-438C-91D5-CFB949D1DE72"
          },
          {
            "criteria": "cpe:2.3:a:hola:holacms:1.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C884064-3C7F-41D0-8C2D-9E472E6A4F32"
          },
          {
            "criteria": "cpe:2.3:a:hola:holacms:1.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B174400C-B207-4244-BFB0-D21BC03B82A6"
          },
          {
            "criteria": "cpe:2.3:a:hola:holacms:1.4.2a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED931373-EC2F-4957-8626-5B04356D5DFF"
          },
          {
            "criteria": "cpe:2.3:a:hola:holacms:1.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41DE9C6F-E283-4A57-9AF5-623632ED564B"
          },
          {
            "criteria": "cpe:2.3:a:hola:holacms:1.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1CF810F5-30EE-44F0-8A83-BC23D28693B8"
          },
          {
            "criteria": "cpe:2.3:a:hola:holacms:1.4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9BCAD68-4046-48C1-8621-D67F55103E20"
          },
          {
            "criteria": "cpe:2.3:a:hola:holacms:1.4.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F46EFD31-83A7-4EE7-B8C0-F403311D1AA0"
          },
          {
            "criteria": "cpe:2.3:a:hola:holacms:1.4.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "864DFC9C-EF3D-4681-B4FE-5766F8EB08AB"
          },
          {
            "criteria": "cpe:2.3:a:hola:holacms:1.4.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "477C0392-2513-40D9-BD90-65B1762B3056"
          },
          {
            "criteria": "cpe:2.3:a:hola:holacms:1.4.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61BA821F-DB55-481E-A5C4-C08B74A93BF9"
          },
          {
            "criteria": "cpe:2.3:a:hola:holacms:1.4.9_1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "913CF7B2-A97C-4CA3-B01A-FCD2B5011854"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References