CVE-2005-0565

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
02/05/2005
Last modified:
03/04/2025

Description

The Announce module in phpWebSite 0.10.0 and earlier allows remote attackers to execute arbitrary PHP code by setting the Image field to reference a PHP file whose name contains a .gif.php extension.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:phpwebsite:phpwebsite:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:phpwebsite:phpwebsite:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:phpwebsite:phpwebsite:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:phpwebsite:phpwebsite:0.9.2.1:*:*:*:*:*:*:*
cpe:2.3:a:phpwebsite:phpwebsite:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:phpwebsite:phpwebsite:0.9.3.1:*:*:*:*:*:*:*
cpe:2.3:a:phpwebsite:phpwebsite:0.9.3.2:*:*:*:*:*:*:*
cpe:2.3:a:phpwebsite:phpwebsite:0.9.3.3:*:*:*:*:*:*:*
cpe:2.3:a:phpwebsite:phpwebsite:0.9.3.4:*:*:*:*:*:*:*
cpe:2.3:a:phpwebsite:phpwebsite:0.10.0:*:*:*:*:*:*:*