Vulnerabilities > CVE-2005-1752 - Remote Arbitrary Command Execution vulnerability in GForge

CVSS 6.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

gforge

exploit available

NVD

Published: 2005-12-31

Updated: 2016-10-18

Summary

viewFile.php in the scm component of Gforge before 4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the file_name parameter.

Vulnerable Configurations

Part	Description	Count
Application	Gforge Gforge Gforge 3.1 Gforge Gforge 3.2 Gforge Gforge 3.3 Gforge Gforge 3.21	4

Exploit-Db

description	GForge 3.x Remote Arbitrary Command Execution Vulnerability. CVE-2005-1752. Webapps exploit for php platform
id	EDB-ID:25693
last seen	2016-02-03
modified	2005-05-24
published	2005-05-24
reporter	Filippo Spike Morelli
source	https://www.exploit-db.com/download/25693/
title	GForge 3.x - Remote Arbitrary Command Execution Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References