Lucene search

[email protected]CVE-2010-1467

HistoryApr 16, 2010 - 7:30 p.m.

CVE-2010-1467

2010-04-1619:30:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2010-1467

php

remote file inclusion

openurgence vaccin

security vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.2%

JSON

Multiple PHP remote file inclusion vulnerabilities in openUrgence Vaccin 1.03 allow remote attackers to execute arbitrary PHP code via a URL in the path_om parameter to (1) collectivite.class.php, (2) injection.class.php, (3) utilisateur.class.php, (4) droit.class.php, (5) laboratoire.class.php, (6) vaccin.class.php, (7) effetsecondaire.class.php, (8) medecin.class.php, (9) individu.class.php, and (10) profil.class.php in gen/obj/.

Affected configurations

NVD

Node

francois_raynaudopenurgence_vaccinMatch1.03

CPENameOperatorVersion
francois_raynaud:openurgence_vaccinfrancois raynaud openurgence vaccineq1.03

CPE	Name	Operator	Version
francois_raynaud:openurgence_vaccin	francois raynaud openurgence vaccin	eq	1.03

References

secunia.com/advisories/39400

www.exploit-db.com/exploits/12193

www.securityfocus.com/bid/39412

exchange.xforce.ibmcloud.com/vulnerabilities/57815

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.2%

JSON

Related for CVE-2010-1467

prion1 cvelist1 nvd1 openvas2