Vulnerability Details : CVE-2005-3639
PHP file inclusion vulnerability in the osTicket module in Help Center Live before 2.0.3 allows remote attackers to access or include arbitrary files via the file parameter, possibly due to a directory traversal vulnerability.
Vulnerability category: Directory traversal
Exploit prediction scoring system (EPSS) score for CVE-2005-3639
Probability of exploitation activity in the next 30 days: 9.64%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 95 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2005-3639
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2005-3639
Products affected by CVE-2005-3639
- cpe:2.3:a:ubertec:help_center_live:*:*:*:*:*:*:*:*