Unrated severityNVD Advisory· Published Dec 5, 2005· Updated Apr 16, 2026
CVE-2005-4006
CVE-2005-4006
Description
SAPID CMS before 1.2.3.03 allows remote attackers to bypass authentication via direct requests to the usr/system files (1) insert_file.php, (2) insert_image.php, (3) insert_link.php, (4) insert_qcfile.php, and (5) edit.php.
Affected products
6cpe:2.3:a:redgraphic:sapid_cms:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:redgraphic:sapid_cms:*:*:*:*:*:*:*:*range: <=1.2.3.02
- cpe:2.3:a:redgraphic:sapid_cms:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:redgraphic:sapid_cms:1.2.3:rc2:*:*:*:*:*:*
- cpe:2.3:a:redgraphic:sapid_cms:1.2.3:rc3:*:*:*:*:*:*
- cpe:2.3:a:redgraphic:sapid_cms:1.2.3:rc5:*:*:*:*:*:*
- cpe:2.3:a:redgraphic:sapid_cms:1.2.3:stable:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- secunia.com/advisories/17859nvdPatchVendor Advisory
- sapid-club.com/en/viewtopic.phpnvdURL Repurposed
- sourceforge.net/project/shownotes.phpnvd
- www.osvdb.org/21389nvd
- www.securityfocus.com/bid/15689nvd
- www.vupen.com/english/advisories/2005/2703nvd
News mentions
0No linked articles in our index yet.