NVD

Id
12591  
Name
CVE-2010-1057  
Description
Multiple directory traversal vulnerabilities in Phpkobo AdFreely (aka Ad Board Script) 1.01, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a ..// (dot dot slash slash) in the LANG_CODE parameter to common.inc.php in (1) codelib/cfg/, (2) codelib/sys/, (3) staff/, and (4) staff/app/; and (5) staff/file.php. NOTE: some of these details are obtained from third party information.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-18  
Published
2010-03-23  
Modified Date
2010-03-24  
Seq
2010-1057  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
69180 12591 CVE-2010-1057 11722  View
69181 12591 CVE-2010-1057 38731  View
69182 12591 CVE-2010-1057 ADV-2010-0611  View
69183 12591 CVE-2010-1057 adfreely-commoninc-file-include(56858)  View
69184 12591 CVE-2010-1057 adboardscript-common-file-include(56865)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
39549 JVNDB-2010-005334 Phpkobo AdFreely におけるディレクトリトラバーサルの脆弱性 Phpkobo AdFreely には、magic_quotes_gpc が無効になっている際、ディレクトリトラバーサルの脆弱性が存在します。 CVE-2010-1057 43637 CVE-2010-1057 12591 6.8 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-005334.html 2010-03-23 2012-12-20 View