Vulnerability Description
The reportpost action in misc.php for PhotoPost PHP 5.0 RC3 does not limit the logging data that is sent to the administrator, which allows remote attackers to send large amounts of email to the administrator.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Photopost | Photopost Php Pro | 5.0_rc3 |
References
- http://marc.info/?l=bugtraq&m=111065868402859&w=2
- http://secunia.com/advisories/14576Exploit
- http://www.securityfocus.com/bid/12779
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19676
- http://marc.info/?l=bugtraq&m=111065868402859&w=2
- http://secunia.com/advisories/14576Exploit
- http://www.securityfocus.com/bid/12779
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19676
FAQ
What is CVE-2005-0775?
CVE-2005-0775 is a vulnerability with a CVSS score of 7.5 (HIGH). The reportpost action in misc.php for PhotoPost PHP 5.0 RC3 does not limit the logging data that is sent to the administrator, which allows remote attackers to send large amounts of email to the admin...
How severe is CVE-2005-0775?
CVE-2005-0775 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-0775?
Check the references section above for vendor advisories and patch information. Affected products include: Photopost Photopost Php Pro.