Lucene search
MitreCVE-2010-5281HistoryNov 26, 2012 - 11:55 p.m.
CVE-2010-5281
2012-11-2623:55:00
CWE-22
mitre
web.nvd.nist.gov
23
cve-2010-5281
directory traversal
ibrowser.php
cmscout 2.09
ibrowser tinymce plugin 1.4.1
magic quotes gpc
remote attackers
arbitrary files
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.8
Confidence
Low
EPSS
0.029
Percentile
90.9%
Directory traversal vulnerability in ibrowser.php in the CMScout 2.09 IBrowser TinyMCE Plugin 1.4.1, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a … (dot dot) in the lang parameter. NOTE: some of these details are obtained from third party information.
Affected configurations
Node
net4visionsibrowserMatch1.4.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| net4visions | ibrowser | 1.4.1 | cpe:2.3:a:net4visions:ibrowser:1.4.1:*:*:*:*:*:*:* |
Related
prion
prion
Directory traversal
2012-11-26 23:55:00
exploitdb
exploitdb
iBrowser Plugin 1.4.1 - 'lang' Local File Inclusion
2011-09-17 00:00:00
nvd
nvd
CVE-2010-5281
2012-11-26 23:55:00
cvelist
cvelist
CVE-2010-5281
2012-11-26 23:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.8
Confidence
Low
EPSS
0.029
Percentile
90.9%
Related for CVE-2010-5281