CVE-2005-1752 – GForge 3.x - Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-2005-1752
viewFile.php in the scm component of GForge before 4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the file_name parameter.
https://www.exploit-db.com/exploits/25693
http://marc.info/?l=bugtraq&m=111695779919830&w=2
http://secunia.com/advisories/13845
http://www.securityfocus.com/bid/13716
CVE-2005-2431
https://notcve.org/view.php?id=CVE-2005-2431
The (1) lost password and (2) account pending features in GForge 4.5 do not properly set a limit on the number of e-mails sent to an e-mail address, which allows remote attackers to send a large number of messages to arbitrary e-mail addresses (aka mail bomb).
http://marc.info/?l=bugtraq&m=112259845904350&w=2
CVE-2005-2430
https://notcve.org/view.php?id=CVE-2005-2430
Multiple cross-site scripting (XSS) vulnerabilities in GForge 4.5 allow remote attackers to inject arbitrary web script or HTML via the (1) forum_id or (2) group_id parameter to forum.php, (3) project_task_id parameter to task.php, (4) id parameter to detail.php, (5) the text field on the search page, (6) group_id parameter to qrs.php, (7) form, (8) rows, (9) cols or (10) wrap parameter to notepad.php, or (11) the login field on the login form.
http://marc.info/?l=bugtraq&m=112259845904350&w=2
http://secunia.com/advisories/16253
http://secunia.com/advisories/20622
http://www.debian.org/security/2006/dsa-1094
http://www.osvdb.org/18299
http://www.osvdb.org/18300
http://www.osvdb.org/18301
http://www.osvdb.org/18302
http://www.osvdb.org/18303
http://www.osvdb.org/18304
http://www.securityfocus.com/bid/14405
https://exchange.xforce.ibmcloud.com/vulnerabilities/21558
CVE-2005-0299
https://notcve.org/view.php?id=CVE-2005-0299
Directory traversal vulnerability in GForge 3.3 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the (1) dir parameter to controller.php or (2) dir_name parameter to controlleroo.php.
http://marc.info/?l=bugtraq&m=110627132209963&w=2
http://securitytracker.com/id?1012950
http://www.securityfocus.com/bid/12318
https://exchange.xforce.ibmcloud.com/vulnerabilities/18988