CVE-2005-4174

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
11/12/2005
Last modified:
03/04/2025

Description

eFiction 1.0, 1.1, and 2.0, in unspecified environments, might allow remote attackers to conduct unauthorized operations by directly accessing (1) install.php or (2) upgrade.php. NOTE: it is unclear whether this is a vulnerability in eFiction itself or the result of incorrect system administration practices, e.g. by not removing utility scripts once they have been used.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:efiction_project:efiction:1.0:*:*:*:*:*:*:*
cpe:2.3:a:efiction_project:efiction:1.1:*:*:*:*:*:*:*
cpe:2.3:a:efiction_project:efiction:2.0:*:*:*:*:*:*:*