CVE-2010-0953
published 2010-03-10CVE-2010-0953: Directory traversal vulnerability in mod.php in phpCOIN 1.2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the mod parameter.
PriorityP335medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
1.92%
77.3th percentile
Directory traversal vulnerability in mod.php in phpCOIN 1.2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the mod parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phpcoin | phpcoin | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
phpCOIN 1.2.1 mod.php mod path traversal (EDB-11641 / XFDB-56721)
vuldb·2026-05-02·CVSS 6.8
CVE-2010-0953 [MEDIUM] phpCOIN 1.2.1 mod.php mod path traversal (EDB-11641 / XFDB-56721)
A vulnerability labeled as problematic has been found in phpCOIN 1.2.1. Affected by this vulnerability is an unknown functionality of the file mod.php. Such manipulation of the argument mod leads to path traversal.
This vulnerability is listed as CVE-2010-0953. The attack may be performed from remote. In addition, an exploit is available.
GHSA
GHSA-fh66-rv47-v3c4: Directory traversal vulnerability in mod
ghsa_unreviewed·2022-05-02
CVE-2010-0953 [MEDIUM] CWE-22 GHSA-fh66-rv47-v3c4: Directory traversal vulnerability in mod
Directory traversal vulnerability in mod.php in phpCOIN 1.2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the mod parameter.
Suricata
ET WEB_SERVER PHP Possible ssh2 Remote File Inclusion Attempt
suricata·2011-06-10
CVE-2002-0953 ET WEB_SERVER PHP Possible ssh2 Remote File Inclusion Attempt
ET WEB_SERVER PHP Possible ssh2 Remote File Inclusion Attempt
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER PHP Possible ssh2 Remote File Inclusion Attempt"; flow:established,to_server; http.uri; content:".php?"; content:"=ssh2|3a|//"; reference:cve,2002-0953; reference:url,diablohorn.wordpress.com/2010/01/16/interesting-local-file-inclusion-method/; classtype:web-application-attack; sid:2013006; rev:5; metadata:created_at 2011_06_10, cve CVE_2002_0953, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_04_20, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application;)
Suricata
ET WEB_SERVER PHP Possible phar Remote File Inclusion Attempt
suricata·2011-06-10
CVE-2002-0953 ET WEB_SERVER PHP Possible phar Remote File Inclusion Attempt
ET WEB_SERVER PHP Possible phar Remote File Inclusion Attempt
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER PHP Possible phar Remote File Inclusion Attempt"; flow:established,to_server; http.uri; content:".php?"; content:"=phar|3a|//"; reference:cve,2002-0953; reference:url,diablohorn.wordpress.com/2010/01/16/interesting-local-file-inclusion-method/; classtype:web-application-attack; sid:2013005; rev:6; metadata:created_at 2011_06_10, cve CVE_2002_0953, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_04_20, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application;)
Suricata
ET WEB_SERVER PHP Possible ogg Remote File Inclusion Attempt
suricata·2011-06-10
CVE-2002-0953 ET WEB_SERVER PHP Possible ogg Remote File Inclusion Attempt
ET WEB_SERVER PHP Possible ogg Remote File Inclusion Attempt
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER PHP Possible ogg Remote File Inclusion Attempt"; flow:established,to_server; http.uri; content:".php?"; content:"=ogg|3a|//"; reference:cve,2002-0953; reference:url,diablohorn.wordpress.com/2010/01/16/interesting-local-file-inclusion-method/; classtype:web-application-attack; sid:2013008; rev:5; metadata:created_at 2011_06_10, cve CVE_2002_0953, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_04_20, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application;)
Suricata
ET WEB_SERVER PHP Possible rar Remote File Inclusion Attempt
suricata·2011-06-10
CVE-2002-0953 ET WEB_SERVER PHP Possible rar Remote File Inclusion Attempt
ET WEB_SERVER PHP Possible rar Remote File Inclusion Attempt
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER PHP Possible rar Remote File Inclusion Attempt"; flow:established,to_server; http.uri; content:".php?"; content:"=rar|3a|//"; reference:cve,2002-0953; reference:url,diablohorn.wordpress.com/2010/01/16/interesting-local-file-inclusion-method/; classtype:web-application-attack; sid:2013007; rev:5; metadata:created_at 2011_06_10, cve CVE_2002_0953, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_04_20, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application;)
Suricata
ET WEB_SERVER PHP Possible expect Remote File Inclusion Attempt
suricata·2011-06-10
CVE-2002-0953 ET WEB_SERVER PHP Possible expect Remote File Inclusion Attempt
ET WEB_SERVER PHP Possible expect Remote File Inclusion Attempt
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER PHP Possible expect Remote File Inclusion Attempt"; flow:established,to_server; http.uri; content:".php?"; content:"=expect|3a|//"; reference:cve,2002-0953; reference:url,diablohorn.wordpress.com/2010/01/16/interesting-local-file-inclusion-method/; classtype:web-application-attack; sid:2013009; rev:5; metadata:created_at 2011_06_10, cve CVE_2002_0953, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_04_20, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application;)
Suricata
ET WEB_SERVER PHP Possible data Remote File Inclusion Attempt
suricata·2011-06-10
CVE-2002-0953 ET WEB_SERVER PHP Possible data Remote File Inclusion Attempt
ET WEB_SERVER PHP Possible data Remote File Inclusion Attempt
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER PHP Possible data Remote File Inclusion Attempt"; flow:established,to_server; http.uri; content:".php?"; content:"=data|3a|//"; reference:cve,2002-0953; reference:url,diablohorn.wordpress.com/2010/01/16/interesting-local-file-inclusion-method/; classtype:web-application-attack; sid:2013003; rev:5; metadata:created_at 2011_06_10, cve CVE_2002_0953, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_04_20, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application;)
Suricata
ET WEB_SERVER PHP Possible https Local File Inclusion Attempt
suricata·2011-06-10
CVE-2002-0953 ET WEB_SERVER PHP Possible https Local File Inclusion Attempt
ET WEB_SERVER PHP Possible https Local File Inclusion Attempt
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER PHP Possible https Local File Inclusion Attempt"; flow:established,to_server; http.uri; content:".php?"; content:"=https|3a|//"; reference:cve,2002-0953; reference:url,diablohorn.wordpress.com/2010/01/16/interesting-local-file-inclusion-method/; classtype:web-application-attack; sid:2012998; rev:5; metadata:affected_product Web_Server_Applications, attack_target Server, created_at 2011_06_10, cve CVE_2002_0953, deployment Perimeter, deployment Internal, deployment Datacenter, confidence High, signature_severity Major, tag Local_File_Inclusion, tag Exploit, tag LFI, tag RFI, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_04_20, mitre_tactic_i
Suricata
ET WEB_SERVER PHP Possible glob Remote File Inclusion Attempt
suricata·2011-06-10
CVE-2002-0953 ET WEB_SERVER PHP Possible glob Remote File Inclusion Attempt
ET WEB_SERVER PHP Possible glob Remote File Inclusion Attempt
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER PHP Possible glob Remote File Inclusion Attempt"; flow:established,to_server; http.uri; content:".php?"; content:"=glob|3a|//"; reference:cve,2002-0953; reference:url,diablohorn.wordpress.com/2010/01/16/interesting-local-file-inclusion-method/; classtype:web-application-attack; sid:2013004; rev:5; metadata:created_at 2011_06_10, cve CVE_2002_0953, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_04_20, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application;)
Suricata
ET WEB_SERVER PHP Possible ftps Local File Inclusion Attempt
suricata·2011-06-10
CVE-2002-0953 ET WEB_SERVER PHP Possible ftps Local File Inclusion Attempt
ET WEB_SERVER PHP Possible ftps Local File Inclusion Attempt
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER PHP Possible ftps Local File Inclusion Attempt"; flow:established,to_server; http.uri; content:".php?"; content:"=ftps|3a|//"; reference:cve,2002-0953; reference:url,diablohorn.wordpress.com/2010/01/16/interesting-local-file-inclusion-method/; classtype:web-application-attack; sid:2013000; rev:5; metadata:affected_product Web_Server_Applications, attack_target Server, created_at 2011_06_10, cve CVE_2002_0953, deployment Perimeter, deployment Internal, deployment Datacenter, confidence High, signature_severity Major, tag Local_File_Inclusion, tag Exploit, tag LFI, tag RFI, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_04_20, mitre_tactic_id T
Suricata
ET WEB_SERVER PHP Possible ftp Remote File Inclusion Attempt
suricata·2011-06-10
CVE-2002-0953 ET WEB_SERVER PHP Possible ftp Remote File Inclusion Attempt
ET WEB_SERVER PHP Possible ftp Remote File Inclusion Attempt
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER PHP Possible ftp Remote File Inclusion Attempt"; flow:established,to_server; http.uri; content:".php?"; content:"=ftp|3a|//"; reference:cve,2002-0953; reference:url,diablohorn.wordpress.com/2010/01/16/interesting-local-file-inclusion-method/; classtype:web-application-attack; sid:2012999; rev:5; metadata:created_at 2011_06_10, cve CVE_2002_0953, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_04_20, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application;)
Suricata
ET WEB_SERVER PHP Possible php Remote File Inclusion Attempt
suricata·2011-06-10
CVE-2002-0953 ET WEB_SERVER PHP Possible php Remote File Inclusion Attempt
ET WEB_SERVER PHP Possible php Remote File Inclusion Attempt
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER PHP Possible php Remote File Inclusion Attempt"; flow:established,to_server; http.uri; content:".php?"; content:"=php|3a|//"; reference:cve,2002-0953; reference:cve,2024-4577; reference:url,diablohorn.wordpress.com/2010/01/16/interesting-local-file-inclusion-method/; classtype:web-application-attack; sid:2013001; rev:5; metadata:created_at 2011_06_10, cve CVE_2002_0953, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_04_20, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application;)
Suricata
ET WEB_SERVER PHP Possible zlib Remote File Inclusion Attempt
suricata·2011-06-10
CVE-2002-0953 ET WEB_SERVER PHP Possible zlib Remote File Inclusion Attempt
ET WEB_SERVER PHP Possible zlib Remote File Inclusion Attempt
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER PHP Possible zlib Remote File Inclusion Attempt"; flow:established,to_server; http.uri; content:".php?"; content:"=zlib|3a|//"; reference:cve,2002-0953; reference:url,diablohorn.wordpress.com/2010/01/16/interesting-local-file-inclusion-method/; classtype:web-application-attack; sid:2013014; rev:6; metadata:created_at 2011_06_10, cve CVE_2002_0953, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_04_20, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application;)
Suricata
ET WEB_SERVER PHP Possible file Remote File Inclusion Attempt
suricata·2011-06-10
CVE-2002-0953 ET WEB_SERVER PHP Possible file Remote File Inclusion Attempt
ET WEB_SERVER PHP Possible file Remote File Inclusion Attempt
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER PHP Possible file Remote File Inclusion Attempt"; flow:established,to_server; http.uri; content:".php?"; content:"=file|3a|//"; reference:cve,2002-0953; reference:url,diablohorn.wordpress.com/2010/01/16/interesting-local-file-inclusion-method/; classtype:web-application-attack; sid:2013002; rev:6; metadata:created_at 2011_06_10, cve CVE_2002_0953, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_04_20, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application;)
Suricata
ET WEB_SERVER Exploit Suspected PHP Injection Attack (cmd=)
suricata·2010-07-30
CVE-2002-0953 ET WEB_SERVER Exploit Suspected PHP Injection Attack (cmd=)
ET WEB_SERVER Exploit Suspected PHP Injection Attack (cmd=)
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER Exploit Suspected PHP Injection Attack (cmd=)"; flow:established,to_server; http.method; content:"GET"; nocase; http.uri; content:".php?"; nocase; content:"cmd="; fast_pattern; nocase; pcre:"/[&?]cmd=[^\x26\x28]*(?:cd|\;|echo|cat|perl|curl|wget|id|uname|t?ftp)/i"; reference:cve,2002-0953; classtype:web-application-attack; sid:2010920; rev:10; metadata:created_at 2010_07_30, cve CVE_2002_0953, confidence Medium, signature_severity Major, updated_at 2024_01_03;)
No writeups or analysis indexed.
2010-03-10
Published