Vulnerabilities > CVE-2005-0795 - Unspecified vulnerability in Hola Holacms
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN hola
exploit available
Summary
HolaCMS 1.4.9 does not restrict file access to the holaDB/votes directory, which allows remote attackers to overwrite arbitrary files via a modified vote_filename parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 14 |
Exploit-Db
| description | HolaCMS 1.2/1.4.x Voting Module Remote File Corruption Vulnerability. CVE-2005-0795. Webapps exploit for php platform |
| id | EDB-ID:25217 |
| last seen | 2016-02-03 |
| modified | 2005-03-12 |
| published | 2005-03-12 |
| reporter | Virginity Security |
| source | https://www.exploit-db.com/download/25217/ |
| title | HolaCMS 1.2/1.4.x Voting Module Remote File Corruption Vulnerability |
References
- http://archives.neohapsis.com/archives/bugtraq/2005-03/0210.html
- http://archives.neohapsis.com/archives/bugtraq/2005-03/0210.html
- http://secunia.com/advisories/14566
- http://secunia.com/advisories/14566
- http://www.holacms.de/?content=changelog
- http://www.holacms.de/?content=changelog
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19672
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19672