Low severity3.7NVD Advisory· Published May 2, 2005· Updated Apr 16, 2026

CVE-2005-0254

Description

BibORB 1.3.2, and possibly earlier versions, does not properly enforce a restriction for uploading only PDF and PS files, which allows remote attackers to upload arbitrary files that are presented to other users with PDF or PS icons, which may trick some users into downloading and executing those files.

Affected products

Guillaumegardey/Biborb2 versions
cpe:2.3:a:guillaumegardey:biborb:1.3.2:-:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:guillaumegardey:biborb:1.3.2:-:*:*:*:*:*:*
- cpe:2.3:a:guillaumegardey:biborb:1.3.2:rc:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/12583nvdBroken LinkPatchThird Party AdvisoryVDB Entry
marc.infonvdExploitMailing ListThird Party Advisory
marc.infonvdExploitMailing ListThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.240
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000