Lucene search

K
cve[email protected]CVE-2010-1710
HistoryMay 04, 2010 - 4:00 p.m.

CVE-2010-1710

2010-05-0416:00:35
CWE-22
web.nvd.nist.gov
20
cve-2010-1710
directory traversal
siestta 2.0
login.php
register_globals
remote execution

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.012

Percentile

85.4%

Directory traversal vulnerability in login.php in Siestta 2.0, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the idioma parameter.

Affected configurations

NVD
Node
ramoncastrosiesttaMatch2.0
VendorProductVersionCPE
ramoncastrosiestta2.0cpe:/a:ramoncastro:siestta:2.0:::

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.012

Percentile

85.4%

Related for CVE-2010-1710