Vulnerability Description
Direct code injection vulnerability in Task Manager in Invision Power Board 2.0.1 allows limited remote attackers to execute arbitrary code by referencing the file in "Task PHP File To Run" field and selecting "Run Task Now".
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Invision Power Services | Invision Board | 2.0.1 |
References
- http://secunia.com/advisories/17443PatchVendor Advisory
- http://www.securityfocus.com/archive/1/415798/30/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40003
- http://secunia.com/advisories/17443PatchVendor Advisory
- http://www.securityfocus.com/archive/1/415798/30/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40003
FAQ
What is CVE-2005-3549?
CVE-2005-3549 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Direct code injection vulnerability in Task Manager in Invision Power Board 2.0.1 allows limited remote attackers to execute arbitrary code by referencing the file in "Task PHP File To Run" field and ...
How severe is CVE-2005-3549?
CVE-2005-3549 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-3549?
Check the references section above for vendor advisories and patch information. Affected products include: Invision Power Services Invision Board.