{ "schema_version": "1.4.0", "id": "GHSA-h9jc-v73g-356r", "modified": "2025-04-03T04:19:37Z", "published": "2022-05-01T02:18:50Z", "aliases": [ "CVE-2005-3519" ], "details": "Multiple PHP file inclusion vulnerabilities in MySource 2.14.0 allow remote attackers to execute arbitrary PHP code and include arbitrary local files via the (1) INCLUDE_PATH and (2) SQUIZLIB_PATH parameters in new_upgrade_functions.php, (3) the INCLUDE_PATH parameter in init_mysource.php, and the PEAR_PATH parameter in (4) Socket.php, (5) Request.php, (6) Mail.php, (7) Date.php, (8) Span.php, (9) mimeDecode.php, and (10) mime.php.", "severity": [], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-3519" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22772" }, { "type": "WEB", "url": "http://marc.info/?l=bugtraq&m=112966933202769&w=2" }, { "type": "WEB", "url": "http://secunia.com/advisories/16946" }, { "type": "WEB", "url": "http://securityreason.com/securityalert/92" }, { "type": "WEB", "url": "http://securitytracker.com/id?1015075" }, { "type": "WEB", "url": "http://www.osvdb.org/20035" }, { "type": "WEB", "url": "http://www.osvdb.org/20036" }, { "type": "WEB", "url": "http://www.osvdb.org/20037" }, { "type": "WEB", "url": "http://www.osvdb.org/20038" }, { "type": "WEB", "url": "http://www.osvdb.org/20039" }, { "type": "WEB", "url": "http://www.osvdb.org/20040" }, { "type": "WEB", "url": "http://www.osvdb.org/20041" }, { "type": "WEB", "url": "http://www.osvdb.org/20042" }, { "type": "WEB", "url": "http://www.osvdb.org/20043" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/15133/discuss" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2005/2132" } ], "database_specific": { "cwe_ids": [], "severity": "HIGH", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2005-11-06T11:03:00Z" } }