Vulnerability Details CVE-2010-1951
Multiple directory traversal vulnerabilities in 60cycleCMS allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the DOCUMENT_ROOT parameter to (1) news.php, (2) submitComment.php, and (3) sqlConnect.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.023
EPSS Ranking 83.9%
CVSS Severity
CVSS v2 Score 6.8
References
- http://www.exploit-db.com/exploits/12249
- http://www.securityfocus.com/archive/1/510721/100/0/threaded
- http://www.securityfocus.com/bid/39473
- https://exchange.xforce.ibmcloud.com/vulnerabilities/57873
- http://www.exploit-db.com/exploits/12249
- http://www.securityfocus.com/archive/1/510721/100/0/threaded
- http://www.securityfocus.com/bid/39473
- https://exchange.xforce.ibmcloud.com/vulnerabilities/57873
Products affected by CVE-2010-1951
-
cpe:2.3:a:60cyclecms_project:60cyclecms:2.5.2