Lucene search

PRIOn knowledge basePRION:CVE-2010-0983

HistoryMar 16, 2010 - 7:30 p.m.

Remote file inclusion

2010-03-1619:30:00

PRIOn knowledge base

www.prio-n.com

7.8 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.077 Low

EPSS

Percentile

94.0%

JSON

PHP remote file inclusion vulnerability in include/mail.inc.php in Rezervi 3.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the root parameter, a different vector than CVE-2007-2156.

CPENameOperatorVersion
rezervile3.0.2

CPE	Name	Operator	Version
	rezervi	le	3.0.2

References

osvdb.org/61450

packetstormsecurity.org/1001-exploits/rezervi-rfi.txt

secunia.com/advisories/38118

www.securityfocus.com/bid/37589

www.vupen.com/english/advisories/2010/0016

exchange.xforce.ibmcloud.com/vulnerabilities/55341

www.exploit-db.com/exploits/10967

7.8 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.077 Low

EPSS

Percentile

94.0%

JSON

Related for PRION:CVE-2010-0983