Lucene search
MitreCVE-2010-3206HistorySep 03, 2010 - 6:00 p.m.
CVE-2010-3206
2010-09-0318:00:03
CWE-94
mitre
web.nvd.nist.gov
24
cve
php
remote file inclusion
diy-cms 1.0
vulnerability
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.007
Percentile
80.7%
Multiple PHP remote file inclusion vulnerabilities in DiY-CMS 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) lang parameter to modules/guestbook/blocks/control.block.php, (2) main_module parameter to index.php, and (3) getFile parameter to includes/general.functions.php.
Affected configurations
Node
diy-cmsdiy-cmsMatch1.0
Related
prion
prion
Remote file inclusion
2010-09-03 18:00:00
exploitdb
exploitdb
DIY-CMS 1.0 - Multiple Remote File Inclusions
2010-08-28 00:00:00
cvelist
cvelist
CVE-2010-3206
2010-09-03 17:12:00
nvd
nvd
CVE-2010-3206
2010-09-03 18:00:03
openvas
openvas
DiY-CMS Multiple Remote File Inclusion Vulnerabilities
2010-09-10 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.007
Percentile
80.7%
Related for CVE-2010-3206