Vulnerability Details CVE-2010-1115
Directory traversal vulnerability in news/include/customize.php in Web Server Creator - Web Portal 0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the l parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 24.9%
CVSS Severity
CVSS v2 Score 5.0
References
- http://www.packetstormsecurity.com/1001-exploits/webservercreator-traversalxssrfi.txt
- http://www.securityfocus.com/bid/37841
- https://exchange.xforce.ibmcloud.com/vulnerabilities/55725
- http://www.packetstormsecurity.com/1001-exploits/webservercreator-traversalxssrfi.txt
- http://www.securityfocus.com/bid/37841
- https://exchange.xforce.ibmcloud.com/vulnerabilities/55725
Products affected by CVE-2010-1115
-
cpe:2.3:a:comscripts:web_server_creator_web_portal:0.1