Lucene search

[email protected]CVE-2010-0983

HistoryMar 16, 2010 - 7:30 p.m.

CVE-2010-0983

2010-03-1619:30:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2010-0983

php

remote file inclusion

vulnerability

rezervi 3.0.2

7.7 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.077 Low

EPSS

Percentile

94.2%

JSON

PHP remote file inclusion vulnerability in include/mail.inc.php in Rezervi 3.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the root parameter, a different vector than CVE-2007-2156.

CPENameOperatorVersion
utilo:rezerviutilo rezervile3.0.2

CPE	Name	Operator	Version
utilo:rezervi	utilo rezervi	le	3.0.2

References

osvdb.org/61450

packetstormsecurity.org/1001-exploits/rezervi-rfi.txt

secunia.com/advisories/38118

www.exploit-db.com/exploits/10967

www.securityfocus.com/bid/37589

www.vupen.com/english/advisories/2010/0016

exchange.xforce.ibmcloud.com/vulnerabilities/55341

7.7 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.077 Low

EPSS

Percentile

94.2%

JSON

Related for CVE-2010-0983

prion2 openvas2 cve1