CVE-2010-1337

Published Apr 9, 2010

Last updated 8 years ago

CVSS info 7.5

Overview

Description: Multiple PHP remote file inclusion vulnerabilities in definitions.php in Lussumo Vanilla 1.1.10, and possibly 0.9.2 and other versions, allow remote attackers to execute arbitrary PHP code via a URL in the (1) include and (2) Configuration['LANGUAGE'] parameters.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-94

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:lussumo:vanilla:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "696853FA-8A2F-4709-A8C5-E4A3FB98E578",
            "versionEndIncluding": "1.1.10"
          },
          {
            "criteria": "cpe:2.3:a:lussumo:vanilla:0.9.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34C3B2A7-EF53-4C3E-997D-F978C9286AF8"
          },
          {
            "criteria": "cpe:2.3:a:lussumo:vanilla:1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8ED4C0D9-0821-4A49-BEFD-8EB3901B9AFE"
          },
          {
            "criteria": "cpe:2.3:a:lussumo:vanilla:1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "218D8A6C-FD89-48AE-BD21-38B41B382259"
          },
          {
            "criteria": "cpe:2.3:a:lussumo:vanilla:1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC2EA631-61AE-4E0B-9B1E-34FB8271AFF5"
          },
          {
            "criteria": "cpe:2.3:a:lussumo:vanilla:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2E0B536-6295-4D2A-8B1E-D39F0163CDE5"
          },
          {
            "criteria": "cpe:2.3:a:lussumo:vanilla:1.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81996E90-3F33-40C3-805E-D7D7C6E4B554"
          },
          {
            "criteria": "cpe:2.3:a:lussumo:vanilla:1.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55F8E29B-4D41-405B-912B-58FBE172AA00"
          },
          {
            "criteria": "cpe:2.3:a:lussumo:vanilla:1.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "618BF3EC-6E8B-48A9-89D3-A3F9F9B0F013"
          },
          {
            "criteria": "cpe:2.3:a:lussumo:vanilla:1.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "645126FC-DC09-49C5-8258-42C1DE25D84E"
          },
          {
            "criteria": "cpe:2.3:a:lussumo:vanilla:1.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "54FDD129-FE07-40B7-A3AB-43DD888DFB53"
          },
          {
            "criteria": "cpe:2.3:a:lussumo:vanilla:1.1.5:a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5AD6C00D-8590-4A85-A833-EC7F2BE8A5B0"
          },
          {
            "criteria": "cpe:2.3:a:lussumo:vanilla:1.1.5:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D2BC2A8-A03F-45FA-8E2B-5F29A14D91F7"
          },
          {
            "criteria": "cpe:2.3:a:lussumo:vanilla:1.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2FFDCFB6-1737-42C3-B4C0-0FFB01CF3C5C"
          },
          {
            "criteria": "cpe:2.3:a:lussumo:vanilla:1.1.6:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B6EC010-79FB-403E-8553-290CEFD86449"
          },
          {
            "criteria": "cpe:2.3:a:lussumo:vanilla:1.1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6223303-36BD-4938-BA50-FF57D6ECEB52"
          },
          {
            "criteria": "cpe:2.3:a:lussumo:vanilla:1.1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BC66EA83-B033-46DE-A8C6-1B390E7B4127"
          },
          {
            "criteria": "cpe:2.3:a:lussumo:vanilla:1.1.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79EE45D8-947A-4A7D-B1F8-B9AF2A51A287"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References