CVE-2010-0988
Published Mar 26, 2010
Last updated 6 years ago
Overview
- Description
- Multiple unspecified vulnerabilities in Pulse CMS before 1.2.3 allow (1) remote attackers to write to arbitrary files and execute arbitrary PHP code via vectors related to improper handling of login failures by includes/login.php; and allow remote authenticated users to write to arbitrary files and execute arbitrary PHP code via vectors involving the (2) filename and (3) block parameters to view.php.
- Source
- PSIRT-CNA@flexerasoftware.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6
- Impact score
- 6.4
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-94
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pulsecms:pulse_cms:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C5C9D304-C593-42ED-883B-6BE31D9DF797",
"versionEndIncluding": "1.2.2"
},
{
"criteria": "cpe:2.3:a:pulsecms:pulse_cms:1.0:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FB41D7AD-8AF9-4027-BCF3-1756D37CC05F"
},
{
"criteria": "cpe:2.3:a:pulsecms:pulse_cms:1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "05527F85-88E8-40F4-A060-6662A3AFDA7D"
},
{
"criteria": "cpe:2.3:a:pulsecms:pulse_cms:1.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AAB9E887-A9AC-45B0-BA84-6F5F2F2789C7"
},
{
"criteria": "cpe:2.3:a:pulsecms:pulse_cms:1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DBCEB5CA-A3B5-4011-B6E7-18345601A9A8"
},
{
"criteria": "cpe:2.3:a:pulsecms:pulse_cms:1.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ABFDED36-878A-4DB0-8173-BAC42B17BAF8"
},
{
"criteria": "cpe:2.3:a:pulsecms:pulse_cms:1.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D5DC810-2A15-4C06-B635-F50E41677926"
},
{
"criteria": "cpe:2.3:a:pulsecms:pulse_cms:1.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "214457F1-DAC7-43B9-9AC0-7F31FAB9DCD8"
},
{
"criteria": "cpe:2.3:a:pulsecms:pulse_cms:1.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A40020AF-A3C1-4775-8312-C3A8EDE3FDFC"
},
{
"criteria": "cpe:2.3:a:pulsecms:pulse_cms:1.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A59AE8E0-50A8-4855-B88E-1592A9ACD02D"
}
],
"operator": "OR"
}
]
}
]