CVE-2005-3519

N/A Unknown
Published: November 06, 2005 Modified: April 16, 2026
View on NVD

Description

Multiple PHP file inclusion vulnerabilities in MySource 2.14.0 allow remote attackers to execute arbitrary PHP code and include arbitrary local files via the (1) INCLUDE_PATH and (2) SQUIZLIB_PATH parameters in new_upgrade_functions.php, (3) the INCLUDE_PATH parameter in init_mysource.php, and the PEAR_PATH parameter in (4) Socket.php, (5) Request.php, (6) Mail.php, (7) Date.php, (8) Span.php, (9) mimeDecode.php, and (10) mime.php.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://marc.info/?l=bugtraq&m=112966933202769&w=2
Source: cve@mitre.org
http://secunia.com/advisories/16946/
Source: cve@mitre.org
Exploit Patch Vendor Advisory
http://securityreason.com/securityalert/92
Source: cve@mitre.org
http://securitytracker.com/id?1015075
Source: cve@mitre.org
Exploit Patch Vendor Advisory
http://www.osvdb.org/20035
Source: cve@mitre.org
http://www.osvdb.org/20036
Source: cve@mitre.org
http://www.osvdb.org/20037
Source: cve@mitre.org
http://www.osvdb.org/20038
Source: cve@mitre.org
http://www.osvdb.org/20039
Source: cve@mitre.org
http://www.osvdb.org/20040
Source: cve@mitre.org
http://www.osvdb.org/20041
Source: cve@mitre.org
http://www.osvdb.org/20042
Source: cve@mitre.org
http://www.osvdb.org/20043
Source: cve@mitre.org
http://www.securityfocus.com/bid/15133/discuss
Source: cve@mitre.org
Exploit Patch
http://www.vupen.com/english/advisories/2005/2132
Source: cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/22772
Source: cve@mitre.org
http://marc.info/?l=bugtraq&m=112966933202769&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/16946/
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Patch Vendor Advisory
http://securityreason.com/securityalert/92
Source: af854a3a-2127-422b-91ae-364da2661108
http://securitytracker.com/id?1015075
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Patch Vendor Advisory
http://www.osvdb.org/20035
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/20036
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/20037
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/20038
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/20039
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/20040
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/20041
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/20042
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/20043
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/15133/discuss
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Patch
http://www.vupen.com/english/advisories/2005/2132
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/22772
Source: af854a3a-2127-422b-91ae-364da2661108

32 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
4.3%
89th percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

mysource