Lucene search

K
cve[email protected]CVE-2010-5040
HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-5040

2022-10-0316:21:02
CWE-94
web.nvd.nist.gov
21
cve-2010-5040
php
remote file inclusion
np_gallery plugin
nucleus
vulnerability
nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

Low

EPSS

0.028

Percentile

90.6%

PHP remote file inclusion vulnerability in nucleus/plugins/NP_gallery.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary PHP code via a URL in the DIR_NUCLEUS parameter. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD
Node
john_bradshawnp_gallery_pluginMatch0.94
AND
nucleuscmsnucleus
VendorProductVersionCPE
john_bradshawnp_gallery_plugin0.94cpe:/a:john_bradshaw:np_gallery_plugin:0.94:::

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

Low

EPSS

0.028

Percentile

90.6%

Related for CVE-2010-5040