Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2010-4281
HistoryDec 02, 2010 - 5:15 p.m.

CVE-2010-4281

2010-12-0217:15:00
CWE-94
[email protected]
web.nvd.nist.gov
29
cve
2010
4281
vulnerability
ajax.php
pandora fms
remote attackers
arbitrary php code
unc share pathname
security issue
nvd
exploit

7.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.023 Low

EPSS

Percentile

89.4%

JSON

Incomplete blacklist vulnerability in the safe_url_extraclean function in ajax.php in Pandora FMS before 3.1.1 allows remote attackers to execute arbitrary PHP code by using a page parameter containing a UNC share pathname, which bypasses the check for the : (colon) character.

Related

prion 1
seebug 1
exploitpack 1
exploitdb 1
packetstorm 1
openvas 2
securityvulns 2
prion
prion
Design/Logic Flaw
2010-12-02 17:15:00
seebug
seebug
Pandora FMS <= 3.1 Path Traversal and LFI
2014-07-01 00:00:00
exploitpack
exploitpack
Pandora Fms 3.1 - Directory Traversal Local File Inclusion
2010-11-30 00:00:00
exploitdb
exploitdb
Pandora Fms 3.1 - Directory Traversal / Local File Inclusion
2010-11-30 00:00:00
packetstorm
packetstorm
Pandora FMS Command Injection / SQL Injection / Path Traversal
2010-12-01 00:00:00
openvas
openvas
Pandora FMS Authentication Bypass And Multiple Input Validation Vulnerabilities
2010-12-01 00:00:00
Pandora FMS Authentication Bypass And Multiple Input Validation Vulnerabilities
2010-12-01 00:00:00
securityvulns
securityvulns
Pandora FMS Authentication Bypass and Multiple Input Validation Vulnerabilities
2010-12-01 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2010-12-01 00:00:00

7.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.023 Low

EPSS

Percentile

89.4%

JSON
Related for CVE-2010-4281
prion1seebug1exploitpack1exploitdb1packetstorm1openvas2securityvulns2