Vulnerabilities > CVE-2005-1752 - Unspecified vulnerability in Gforge

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

gforge

exploit available

NVD

Published: 2005-12-31

Updated: 2024-11-20

Summary

viewFile.php in the scm component of Gforge before 4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the file_name parameter.

Vulnerable Configurations

Part	Description	Count
Application	Gforge Gforge Gforge 3.21 Gforge Gforge 3.1 Gforge Gforge 3.2 Gforge Gforge 3.3	4

Exploit-Db

description	GForge 3.x Remote Arbitrary Command Execution Vulnerability. CVE-2005-1752. Webapps exploit for php platform
id	EDB-ID:25693
last seen	2016-02-03
modified	2005-05-24
published	2005-05-24
reporter	Filippo Spike Morelli
source	https://www.exploit-db.com/download/25693/
title	GForge 3.x - Remote Arbitrary Command Execution Vulnerability

References

http://marc.info/?l=bugtraq&m=111695779919830&w=2
http://marc.info/?l=bugtraq&m=111695779919830&w=2
http://secunia.com/advisories/13845
http://secunia.com/advisories/13845
http://www.securityfocus.com/bid/13716
http://www.securityfocus.com/bid/13716