Lucene search

MitreCVELIST:CVE-2010-4924

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-4924

2022-10-0316:21:06

mitre

www.cve.org

cve-2010-4924

php

remote file inclusion

logic/controller.class.php

clearbudget 0.9.8

arbitrary php code

url

actionpath parameter

disputed

reliable third party

7.5 High

AI Score

Confidence

High

0.057 Low

EPSS

Percentile

93.4%

JSON

PHP remote file inclusion vulnerability in logic/controller.class.php in clearBudget 0.9.8 allows remote attackers to execute arbitrary PHP code via a URL in the actionPath parameter. NOTE: this issue has been disputed by a reliable third party

References

attrition.org/pipermail/vim/2010-August/002388.html

www.exploit-db.com/exploits/14614

www.securityfocus.com/bid/42351