CVE-2010-1003

Directory traversal vulnerability in www/editor/tiny_mce/langs/language.php in eFront 3.5.x through 3.5.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the langname parameter.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:efrontlearning:efront:3.5.0:*:*:*:*:*:*:*
cpe:2.3:a:efrontlearning:efront:3.5.4:*:*:*:*:*:*:*
cpe:2.3:a:efrontlearning:efront:3.5.3:*:*:*:*:*:*:*
cpe:2.3:a:efrontlearning:efront:3.5.5:*:*:*:*:*:*:*
cpe:2.3:a:efrontlearning:efront:3.5.1:*:*:*:*:*:*:*
cpe:2.3:a:efrontlearning:efront:3.5.2:*:*:*:*:*:*:*

Information

Published : 2010-03-19 13:30

Updated : 2018-10-10 12:55


NVD link : CVE-2010-1003

Mitre link : CVE-2010-1003


JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa

Products Affected

efrontlearning

  • efront