Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 09/10/2011 Updated: 11/04/2024

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Directory traversal vulnerability in maincore.php in PHP-Fusion allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the folder_level parameter. NOTE: this issue has been disputed by a reliable third party

Vulnerable Product	Search on Vulmon	Subscribe to Product
php-fusion php-fusion -

# Exploit Title: PHP-Fusion Local File Includes Vulnerability # Date: 2010/08/15 # Author: MoDaMeR # Email: k@livema # My Sites : wwwv4-teamcom & wwwhackteachorg # Script home: wwwphpfusion-arcom # download Script: wwwphpfusion-arcom/downloadsphp?cat_id=1&download_id=91 # Version:all # Tested on: Linux # Team hacke ...

CWE-22 http://www.exploit-db.com/exploits/14647 http://attrition.org/pipermail/vim/2010-August/002391.html http://www.securityfocus.com/bid/42456 https://nvd.nist.gov https://www.exploit-db.com/exploits/14647/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-4931

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect