Lucene search

K
cve[email protected]CVE-2010-1710
HistoryMay 04, 2010 - 4:00 p.m.

CVE-2010-1710

2010-05-0416:00:35
CWE-22
web.nvd.nist.gov
20
cve-2010-1710
directory traversal
siestta 2.0
login.php
register_globals
remote execution

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.4%

Directory traversal vulnerability in login.php in Siestta 2.0, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the idioma parameter.

Affected configurations

NVD
Node
ramoncastrosiesttaMatch2.0

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.4%

Related for CVE-2010-1710