{"api_version":"1","generated_at":"2026-04-24T14:07:14+00:00","cve":"CVE-2010-3606","urls":{"html":"https://cve.report/CVE-2010-3606","api":"https://cve.report/api/cve/CVE-2010-3606.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2010-3606","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2010-3606"},"summary":{"title":"CVE-2010-3606","description":"Multiple directory traversal vulnerabilities in AGENTS/index.php in NetArt MEDIA Real Estate Portal 2.0 allow remote emote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) folder and (2) action parameters.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2010-09-24 21:00:00","updated_at":"2017-08-17 01:33:00"},"problem_types":["CWE-22"],"metrics":[],"references":[{"url":"http://pridels-team.blogspot.com/2010/09/netartmedia-real-estate-portal-v20-xss.html","name":"http://pridels-team.blogspot.com/2010/09/netartmedia-real-estate-portal-v20-xss.html","refsource":"MISC","tags":[],"title":"-UNSECURED SYSTEMS-: NetArtMEDIA Real Estate Portal v2.0 XSS vuln. + NetArtMEDIA lfi.","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://osvdb.org/68062","name":"68062","refsource":"OSVDB","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://www.securityfocus.com/bid/43266","name":"43266","refsource":"BID","tags":[],"title":"NetArt Media Real Estate Portal 'index.php' Multiple Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://secunia.com/advisories/41377","name":"41377","refsource":"SECUNIA","tags":["Vendor Advisory"],"title":"About Secunia Research | Flexera","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/61867","name":"realestateportal-index-file-include(61867)","refsource":"XF","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2010-3606","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-3606","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2010","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netartmedia","cpe5":"real_estate_portal","cpe6":"2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2010","cve_id":"3606","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netartmedia","cpe5":"real_estate_portal","cpe6":"2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2010-3606","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Multiple directory traversal vulnerabilities in AGENTS/index.php in NetArt MEDIA Real Estate Portal 2.0 allow remote emote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) folder and (2) action parameters."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"68062","refsource":"OSVDB","url":"http://osvdb.org/68062"},{"name":"http://pridels-team.blogspot.com/2010/09/netartmedia-real-estate-portal-v20-xss.html","refsource":"MISC","url":"http://pridels-team.blogspot.com/2010/09/netartmedia-real-estate-portal-v20-xss.html"},{"name":"43266","refsource":"BID","url":"http://www.securityfocus.com/bid/43266"},{"name":"41377","refsource":"SECUNIA","url":"http://secunia.com/advisories/41377"},{"name":"realestateportal-index-file-include(61867)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/61867"}]}},"nvd":{"publishedDate":"2010-09-24 21:00:00","lastModifiedDate":"2017-08-17 01:33:00","problem_types":["CWE-22"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":6.8},"severity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netartmedia:real_estate_portal:2.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2010","CveId":"3606","Ordinal":"45890","Title":"CVE-2010-3606","CVE":"CVE-2010-3606","Year":"2010"},"notes":[{"CveYear":"2010","CveId":"3606","Ordinal":"1","NoteData":"Multiple directory traversal vulnerabilities in AGENTS/index.php in NetArt MEDIA Real Estate Portal 2.0 allow remote emote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) folder and (2) action parameters.","Type":"Description","Title":null},{"CveYear":"2010","CveId":"3606","Ordinal":"2","NoteData":"2010-09-24","Type":"Other","Title":"Published"},{"CveYear":"2010","CveId":"3606","Ordinal":"3","NoteData":"2017-08-16","Type":"Other","Title":"Modified"}]}}}