← Back

CVE-2005-0795

nvd nist
Published: Mar 14, 2005Modified: Apr 16, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:N/I:P/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

HolaCMS 1.4.9 does not restrict file access to the holaDB/votes directory, which allows remote attackers to overwrite arbitrary files via a modified vote_filename parameter.

Affected (14)

Products: Hola: Holacms
Hola
1 product
Holacms
Configuration A
14 vulnerable
Vulnerable SoftwareAffected Versions
Hola
Holacms
Version 1.2.10
Holacms
Version 1.2.9
Holacms
Version 1.4.1
Holacms
Version 1.4.2
Holacms
Version 1.4.2a
Holacms
Version 1.4.3
Holacms
Version 1.4.4
Holacms
Version 1.4.5
Holacms
Version 1.4.6
Holacms
Version 1.4.7
Holacms
Version 1.4.8
Holacms
Version 1.4.9
Holacms
Version 1.4.9_1
Holacms
Version 1.4

References (8)

Source: cve@mitre.org
ExploitVendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.