CVE-2010-0680

Directory traversal vulnerability in index.php in ZeusCMS 0.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.exploit-db.com/exploits/11437	Exploit
http://www.securityfocus.com/bid/38237	Exploit

Configurations

Configuration 1 (hide)

cpe:2.3:a:zeuscms:zeuscms:0.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2010-02-22 21:30

Updated : 2024-02-28 11:41

NVD link : CVE-2010-0680

Mitre link : CVE-2010-0680

CVE.ORG link : CVE-2010-0680

JSON object : View

Products Affected

zeuscms

zeuscms

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

7.5 /10