CVE-2010-2314

PHP remote file inclusion vulnerability in nucleus/plugins/NP_Twitter.php in the NP_Twitter Plugin 0.8 and 0.9 for Nucleus, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the DIR_PLUGINS parameter. NOTE: some of these details are obtained from third party information.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:edmondhui.homeip:np_twitter:0.9:*:*:*:*:*:*:*
cpe:2.3:a:edmondhui.homeip:np_twitter:0.8:*:*:*:*:*:*:*
cpe:2.3:a:nucleus_group:nucleus_cms:*:*:*:*:*:*:*:*

Information

Published : 2010-06-17 09:30

Updated : 2010-06-17 21:00


NVD link : CVE-2010-2314

Mitre link : CVE-2010-2314


JSON object : View

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')

Advertisement

dedicated server usa

Products Affected

nucleus_group

  • nucleus_cms

edmondhui.homeip

  • np_twitter