Lucene search

[email protected]CVE-2010-0953

HistoryMar 10, 2010 - 8:14 p.m.

CVE-2010-0953

2010-03-1020:14:34

CWE-22

[email protected]

web.nvd.nist.gov

cve-2010-0953

directory traversal

mod.php

phpcoin 1.2.1

remote attackers

arbitrary files

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

79.8%

JSON

Directory traversal vulnerability in mod.php in phpCOIN 1.2.1 allows remote attackers to read arbitrary files via a … (dot dot) in the mod parameter.

Affected configurations

NVD

Node

phpcoinphpcoinMatch1.2.1

CPENameOperatorVersion
phpcoin:phpcoinphpcoineq1.2.1

CPE	Name	Operator	Version
phpcoin:phpcoin	phpcoin	eq	1.2.1

References

www.exploit-db.com/exploits/11641

www.securityfocus.com/bid/38576

exchange.xforce.ibmcloud.com/vulnerabilities/56721

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

79.8%

JSON

Related for CVE-2010-0953

cvelist1 openvas1 prion1 nvd1