CVE-2010-0975
Published: 2010-03-16
CVE-2010-0975: PHP remote file inclusion vulnerability in external.php in PHPCityPortal allows remote attackers to execute arbitrary PHP code via a URL in the url parameter.
Priority: P346 · high · 7.5 · CVSS 2.0
AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 2.99% (85.6th percentile)
CVSS provenance
nvd · v2.0 · 7.5 · HIGH · AV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat · 6.4 · MEDIUM
GHSA
GHSA-wfgf-2q6h-cjmv: PHP remote file inclusion vulnerability in external
ghsa_unreviewed·2022-05-02
CVE-2010-0975 [HIGH] CWE-94 GHSA-wfgf-2q6h-cjmv: PHP remote file inclusion vulnerability in external
PHP remote file inclusion vulnerability in external.php in PHPCityPortal allows remote attackers to execute arbitrary PHP code via a URL in the url parameter.
Red Hat
bind: key algorithm rollover may mark secure answers as insecure
vendor_redhat·2010-12-01·CVSS 6.4
CVE-2010-3614 [MEDIUM] bind: key algorithm rollover may mark secure answers as insecure
named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service (DNSSEC validation error) by triggering a rollover.
Statement: The Red Hat Security Response Team has rated this issue as having low security impact. Because the version of bind in Red Hat Enterprise Linux 4 does not implement support for the currently-used DNSSEC protocol version, there is no plan to address this flaw there. It has been addressed in Red Hat Enterprise Linux 5 (via RHSA-2010:0975) and Red Hat Enterprise Linux 6 (via RHSA-2010:0976
No detection rules found.
No writeups or analysis indexed.
http://packetstormsecurity.org/1003-exploits/phpcityportal-sqlrfi.txt
http://www.exploit-db.com/exploits/11678
https://exchange.xforce.ibmcloud.com/vulnerabilities/56812
Published: 2010-03-16