CVE-2005-3549: Code Injection
First published: Wed Nov 16 2005(Updated: )
Direct code injection vulnerability in Task Manager in Invision Power Board 2.0.1 allows limited remote attackers to execute arbitrary code by referencing the file in "Task PHP File To Run" field and selecting "Run Task Now".
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Invisioncommunity Invision Power Board | =2.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2005-3549?
CVE-2005-3549 is considered a high severity vulnerability due to its potential for arbitrary code execution.
How do I fix CVE-2005-3549?
To fix CVE-2005-3549, upgrade to a newer version of Invision Power Board that addresses this vulnerability.
What software is affected by CVE-2005-3549?
CVE-2005-3549 affects Invision Power Board version 2.0.1.
What type of vulnerability is CVE-2005-3549?
CVE-2005-3549 is a direct code injection vulnerability allowing remote attackers to execute arbitrary code.
Can CVE-2005-3549 be exploited remotely?
Yes, CVE-2005-3549 can be exploited remotely by attackers with limited access.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/weakness
- agent/remedy
- agent/author
- agent/last-modified-date
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/invision power services
- canonical/invisioncommunity invision power board
- version/invisioncommunity invision power board/2.0.1