CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2010-0976

Acidcat CMS 3.5.x does not prevent access to install.asp after installation finishes, which might allow remote attackers to restart the installation process and have unspecified other impact via requests to install.asp and other install_*.asp scripts. NOTE: the final installation screen states "Important: you must now delete all files beginning with 'install' from the root directory."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.021

EPSS Ranking 83.3%

CVSS Severity

CVSS v2 Score 7.5

References

http://packetstormsecurity.org/1001-exploits/acidcatcms-disclose.txt
http://www.exploit-db.com/exploits/10972
https://exchange.xforce.ibmcloud.com/vulnerabilities/55331
http://packetstormsecurity.org/1001-exploits/acidcatcms-disclose.txt
http://www.exploit-db.com/exploits/10972
https://exchange.xforce.ibmcloud.com/vulnerabilities/55331

Products affected by CVE-2010-0976

Acidcat » Acidcat Cms » Version: 3.5.0

cpe:2.3:a:acidcat:acidcat_cms:3.5.0
Acidcat » Acidcat Cms » Version: 3.5.1

cpe:2.3:a:acidcat:acidcat_cms:3.5.1
Acidcat » Acidcat Cms » Version: 3.5.2

cpe:2.3:a:acidcat:acidcat_cms:3.5.2
Acidcat » Acidcat Cms » Version: 3.5.3

cpe:2.3:a:acidcat:acidcat_cms:3.5.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-0976

Products

Pricing

Contact Us