Описание
Multiple directory traversal vulnerabilities in index.php in Linker IMG 1.0 and earlier allow remote attackers to read and execute arbitrary local files via a URL in the (1) cook_lan cookie parameter ($lan_dir variable) or possibly (2) Sdb_type parameter. NOTE: this was originally reported as remote file inclusion, but this may be inaccurate.
Multiple directory traversal vulnerabilities in index.php in Linker IMG 1.0 and earlier allow remote attackers to read and execute arbitrary local files via a URL in the (1) cook_lan cookie parameter ($lan_dir variable) or possibly (2) Sdb_type parameter. NOTE: this was originally reported as remote file inclusion, but this may be inaccurate.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2010-2456
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59614
- http://packetstormsecurity.org/1006-exploits/linkerimg-rfi.txt
- http://www.attrition.org/pipermail/vim/2010-June/002354.html
- http://www.exploit-db.com/exploits/13964
- http://www.vupen.com/english/advisories/2010/1562
Связанные уязвимости
Multiple directory traversal vulnerabilities in index.php in Linker IMG 1.0 and earlier allow remote attackers to read and execute arbitrary local files via a URL in the (1) cook_lan cookie parameter ($lan_dir variable) or possibly (2) Sdb_type parameter. NOTE: this was originally reported as remote file inclusion, but this may be inaccurate.