Vulnerabilities > CVE-2005-0795 - Unspecified vulnerability in Hola Holacms

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
hola
exploit available

Summary

HolaCMS 1.4.9 does not restrict file access to the holaDB/votes directory, which allows remote attackers to overwrite arbitrary files via a modified vote_filename parameter.

Exploit-Db

descriptionHolaCMS 1.2/1.4.x Voting Module Remote File Corruption Vulnerability. CVE-2005-0795. Webapps exploit for php platform
idEDB-ID:25217
last seen2016-02-03
modified2005-03-12
published2005-03-12
reporterVirginity Security
sourcehttps://www.exploit-db.com/download/25217/
titleHolaCMS 1.2/1.4.x Voting Module Remote File Corruption Vulnerability