Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2010-2797
HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-2797

2022-10-0316:21:08
CWE-22
[email protected]
web.nvd.nist.gov
22
cve-2010-2797
directory traversal vulnerability
cms made simple
remote attackers
arbitrary execution

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.021 Low

EPSS

Percentile

89.4%

JSON

Directory traversal vulnerability in lib/translation.functions.php in CMS Made Simple before 1.8.1 allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the default_cms_lang parameter to an admin script, as demonstrated by admin/addbookmark.php, a different vulnerability than CVE-2008-5642.

Affected configurations

NVD
Node
cmsmadesimplecms_made_simpleRange1.6.8
OR
cmsmadesimplecms_made_simpleMatch1.0
OR
cmsmadesimplecms_made_simpleMatch1.0beta1
OR
cmsmadesimplecms_made_simpleMatch1.0beta2
OR
cmsmadesimplecms_made_simpleMatch1.0beta3
OR
cmsmadesimplecms_made_simpleMatch1.0beta4
OR
cmsmadesimplecms_made_simpleMatch1.0beta5
OR
cmsmadesimplecms_made_simpleMatch1.0beta6
OR
cmsmadesimplecms_made_simpleMatch1.0.1
OR
cmsmadesimplecms_made_simpleMatch1.0.2
OR
cmsmadesimplecms_made_simpleMatch1.0.3
OR
cmsmadesimplecms_made_simpleMatch1.0.4
OR
cmsmadesimplecms_made_simpleMatch1.0.5
OR
cmsmadesimplecms_made_simpleMatch1.0.6
OR
cmsmadesimplecms_made_simpleMatch1.0.7
OR
cmsmadesimplecms_made_simpleMatch1.0.8
OR
cmsmadesimplecms_made_simpleMatch1.1
OR
cmsmadesimplecms_made_simpleMatch1.1rc1
OR
cmsmadesimplecms_made_simpleMatch1.1rc2
OR
cmsmadesimplecms_made_simpleMatch1.1rc3
OR
cmsmadesimplecms_made_simpleMatch1.1.1
OR
cmsmadesimplecms_made_simpleMatch1.1.2
OR
cmsmadesimplecms_made_simpleMatch1.1.3.1
OR
cmsmadesimplecms_made_simpleMatch1.1.4.1
OR
cmsmadesimplecms_made_simpleMatch1.2
OR
cmsmadesimplecms_made_simpleMatch1.2beta1
OR
cmsmadesimplecms_made_simpleMatch1.2beta2
OR
cmsmadesimplecms_made_simpleMatch1.2beta3
OR
cmsmadesimplecms_made_simpleMatch1.2rc1
OR
cmsmadesimplecms_made_simpleMatch1.2.1
OR
cmsmadesimplecms_made_simpleMatch1.2.2
OR
cmsmadesimplecms_made_simpleMatch1.2.3
OR
cmsmadesimplecms_made_simpleMatch1.2.4
OR
cmsmadesimplecms_made_simpleMatch1.2.5
OR
cmsmadesimplecms_made_simpleMatch1.3
OR
cmsmadesimplecms_made_simpleMatch1.3beta1
OR
cmsmadesimplecms_made_simpleMatch1.3beta2
OR
cmsmadesimplecms_made_simpleMatch1.3.1
OR
cmsmadesimplecms_made_simpleMatch1.4
OR
cmsmadesimplecms_made_simpleMatch1.4beta1
OR
cmsmadesimplecms_made_simpleMatch1.4beta2
OR
cmsmadesimplecms_made_simpleMatch1.4.1
OR
cmsmadesimplecms_made_simpleMatch1.5
OR
cmsmadesimplecms_made_simpleMatch1.5beta1
OR
cmsmadesimplecms_made_simpleMatch1.5.1
OR
cmsmadesimplecms_made_simpleMatch1.5.2
OR
cmsmadesimplecms_made_simpleMatch1.5.3
OR
cmsmadesimplecms_made_simpleMatch1.5.4
OR
cmsmadesimplecms_made_simpleMatch1.6
OR
cmsmadesimplecms_made_simpleMatch1.6.1
OR
cmsmadesimplecms_made_simpleMatch1.6.2
OR
cmsmadesimplecms_made_simpleMatch1.6.3
OR
cmsmadesimplecms_made_simpleMatch1.6.4
OR
cmsmadesimplecms_made_simpleMatch1.6.5
OR
cmsmadesimplecms_made_simpleMatch1.6.6
OR
cmsmadesimplecms_made_simpleMatch1.6.7
OR
cmsmadesimplecms_made_simpleMatch1.7

Related

nvd 2
cvelist 2
prion 2
openvas 1
d2 1
dsquare 2
cve 1
nessus 1
nvd
nvd
CVE-2010-2797
2010-10-08 21:00:01
CVE-2008-5642
2008-12-17 17:30:00
cvelist
cvelist
CVE-2010-2797
2022-10-03 16:21:08
CVE-2008-5642
2008-12-17 17:00:00
prion
prion
Directory traversal
2010-10-08 21:00:00
Directory traversal
2008-12-17 17:30:00
openvas
openvas
CMS Made Simple < 1.8.1 Parameter LFI Vulnerability - Active Check
2010-07-14 00:00:00
d2
d2
DSquare Exploit Pack: D2SEC_CMSMS
2010-10-08 21:00:00
dsquare
dsquare
CMS Made Simple 1.8 LFI
2012-01-26 00:00:00
CMS Made Simple 1.4.1 LFI
2012-04-27 00:00:00
cve
cve
CVE-2008-5642
2008-12-17 17:30:00
nessus
nessus
CMS Made Simple admin/login.php cms_language Cookie Local File Inclusion
2008-12-01 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.021 Low

EPSS

Percentile

89.4%

JSON
Related for CVE-2010-2797
nvd2cvelist2prion2openvas1d21dsquare2cve1nessus1