{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-11-14T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "PHP file inclusion vulnerability in protection.php in CodeGrrl (a) PHPCalendar 1.0, (b) PHPClique 1.0, (c) PHPCurrently 2.0, (d) PHPFanBase 2.1, and (e) PHPQuotes 1.0 allows remote attackers to include arbitrary local files via the siteurl parameter when register_globals is enabled. NOTE: It was later reported that PHPFanBase 2.2 is also affected."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-10-17T13:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "1015206", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1015206"}, {"name": "15417", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/15417"}, {"name": "17542", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/17542"}, {"name": "20051113 PHPCalendar (and some more codegrrl.com products) arbitrary code", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=113199214723444&w=2"}, {"name": "ADV-2005-2402", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2005/2402"}, {"name": "21664", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/21664"}, {"name": "176", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/176"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-3571", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "PHP file inclusion vulnerability in protection.php in CodeGrrl (a) PHPCalendar 1.0, (b) PHPClique 1.0, (c) PHPCurrently 2.0, (d) PHPFanBase 2.1, and (e) PHPQuotes 1.0 allows remote attackers to include arbitrary local files via the siteurl parameter when register_globals is enabled. NOTE: It was later reported that PHPFanBase 2.2 is also affected."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1015206", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015206"}, {"name": "15417", "refsource": "BID", "url": "http://www.securityfocus.com/bid/15417"}, {"name": "17542", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17542"}, {"name": "20051113 PHPCalendar (and some more codegrrl.com products) arbitrary code", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=113199214723444&w=2"}, {"name": "ADV-2005-2402", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2402"}, {"name": "21664", "refsource": "BID", "url": "http://www.securityfocus.com/bid/21664"}, {"name": "176", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/176"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T23:17:23.379Z"}, "title": "CVE Program Container", "references": [{"name": "1015206", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1015206"}, {"name": "15417", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/15417"}, {"name": "17542", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/17542"}, {"name": "20051113 PHPCalendar (and some more codegrrl.com products) arbitrary code", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=113199214723444&w=2"}, {"name": "ADV-2005-2402", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2005/2402"}, {"name": "21664", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/21664"}, {"name": "176", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/176"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-3571", "datePublished": "2005-11-16T07:37:00.000Z", "dateReserved": "2005-11-16T00:00:00.000Z", "dateUpdated": "2024-08-07T23:17:23.379Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:codegrrl:phpcalendar:*:*:*:*:*:*:*:*", "matchCriteriaId": "24B7C89C-7458-466C-91B1-DDA354FE4F15", "versionEndIncluding": "1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:codegrrl:phpclique:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF9DA482-08DF-4857-B377-E271A207A10F", "versionEndIncluding": "1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:codegrrl:phpcurrently:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC225CF6-E48A-43CE-B5ED-1DE376E4AF4D", "versionEndIncluding": "2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:codegrrl:phpfanbase:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8BFBCF4-3EFD-4096-8C89-5EABA3261D1E", "versionEndIncluding": "2.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:codegrrl:phpquotes:*:*:*:*:*:*:*:*", "matchCriteriaId": "531A83B0-FF3A-45AA-80BD-CFEB23D072EA", "versionEndIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "PHP file inclusion vulnerability in protection.php in CodeGrrl (a) PHPCalendar 1.0, (b) PHPClique 1.0, (c) PHPCurrently 2.0, (d) PHPFanBase 2.1, and (e) PHPQuotes 1.0 allows remote attackers to include arbitrary local files via the siteurl parameter when register_globals is enabled. NOTE: It was later reported that PHPFanBase 2.2 is also affected."}], "id": "CVE-2005-3571", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-11-16T07:42:00.000", "references": [{"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=113199214723444&w=2"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/17542"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/176"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1015206"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/15417"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/21664"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2005/2402"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=113199214723444&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/17542"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/176"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1015206"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/15417"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/21664"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2005/2402"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}