Vulnerability Description
PHP remote file inclusion vulnerability in index.php in AlstraSoft EPay Pro 2.0 allows remote attackers to execute arbitrary PHP code by modifying the view parameter to reference a URL on a remote web server that contains the code.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alstrasoft | Epay | 2.0 |
References
- http://marc.info/?l=bugtraq&m=111247198021626&w=2
- http://secunia.com/advisories/14802Vendor Advisory
- http://www.securityfocus.com/bid/12973Exploit
- http://marc.info/?l=bugtraq&m=111247198021626&w=2
- http://secunia.com/advisories/14802Vendor Advisory
- http://www.securityfocus.com/bid/12973Exploit
FAQ
What is CVE-2005-0980?
CVE-2005-0980 is a vulnerability with a CVSS score of 7.5 (HIGH). PHP remote file inclusion vulnerability in index.php in AlstraSoft EPay Pro 2.0 allows remote attackers to execute arbitrary PHP code by modifying the view parameter to reference a URL on a remote web...
How severe is CVE-2005-0980?
CVE-2005-0980 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-0980?
Check the references section above for vendor advisories and patch information. Affected products include: Alstrasoft Epay.