CVE-2010-3606
Summary
| CVE | CVE-2010-3606 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2010-09-24 21:00:00 UTC |
| Updated | 2017-08-17 01:33:00 UTC |
| Description | Multiple directory traversal vulnerabilities in AGENTS/index.php in NetArt MEDIA Real Estate Portal 2.0 allow remote emote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) folder and (2) action parameters. |
Risk And Classification
Problem Types: CWE-22
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Netartmedia | Real Estate Portal | 2.0 | All | All | All |
| Application | Netartmedia | Real Estate Portal | 2.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| -UNSECURED SYSTEMS-: NetArtMEDIA Real Estate Portal v2.0 XSS vuln. + NetArtMEDIA lfi. | MISC | pridels-team.blogspot.com | |
| 68062 | OSVDB | osvdb.org | |
| NetArt Media Real Estate Portal 'index.php' Multiple Vulnerabilities | BID | www.securityfocus.com | |
| About Secunia Research | Flexera | SECUNIA | secunia.com | Vendor Advisory |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.