Lucene search

[email protected]CVE-2010-0957

HistoryMar 10, 2010 - 8:14 p.m.

CVE-2010-0957

2010-03-1020:14:34

CWE-22

[email protected]

web.nvd.nist.gov

cve

2010

0957

directory traversal

vulnerability

saskia's shopsystem

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

75.1%

JSON

Directory traversal vulnerability in content.php in Saskia’s Shopsystem beta1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the id parameter.

Affected configurations

NVD

Node

saskia_brucknersaskias_shopsystemRange≤beta1

CPENameOperatorVersion
saskia_bruckner:saskias_shopsystemsaskia bruckner saskias shopsystemlebeta1

CPE	Name	Operator	Version
saskia_bruckner:saskias_shopsystem	saskia bruckner saskias shopsystem	le	beta1

References

packetstormsecurity.org/1002-exploits/saskiashopsystem-lfi.txt

www.exploit-db.com/exploits/11433

www.securityfocus.com/bid/38574

exchange.xforce.ibmcloud.com/vulnerabilities/56358

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

75.1%

JSON

Related for CVE-2010-0957

prion1 cvelist1 nvd1