CVE-2005-4006

Published: Dec 5, 2005Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

SAPID CMS before 1.2.3.03 allows remote attackers to bypass authentication via direct requests to the usr/system files (1) insert_file.php, (2) insert_image.php, (3) insert_link.php, (4) insert_qcfile.php, and (5) edit.php.

Affected (6)

Products: Redgraphic: Sapid Cms

1 product

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Redgraphic Sapid Cms	Up to 1.2.3.02
Redgraphic Sapid Cms	Version 1.2.3
Redgraphic Sapid Cms	Version 1.2.3 rc2
Redgraphic Sapid Cms	Version 1.2.3 rc3
Redgraphic Sapid Cms	Version 1.2.3 rc5
Redgraphic Sapid Cms	Version 1.2.3 stable

Related CWEs

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (12)

http://sapid-club.com/en/viewtopic.php?p=586#586

Source: cve@mitre.org

URL Repurposed

http://secunia.com/advisories/17859

Source: cve@mitre.org

PatchVendor Advisory

http://sourceforge.net/project/shownotes.php?release_id=375289&group_id=118100

Source: cve@mitre.org

http://www.osvdb.org/21389

Source: cve@mitre.org

http://www.securityfocus.com/bid/15689

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2005/2703

Source: cve@mitre.org

http://sapid-club.com/en/viewtopic.php?p=586#586

Source: af854a3a-2127-422b-91ae-364da2661108

URL Repurposed

http://secunia.com/advisories/17859

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://sourceforge.net/project/shownotes.php?release_id=375289&group_id=118100

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/21389

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/15689

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2005/2703

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.