CVE-2010-2018
Published 2010-05-24
CVE-2010-2018: Directory traversal vulnerability in downlot.php in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
Priority P4 · 33 · medium · CVSS 2.0 score 5.0 · vector AV:N/AC:L/Au:N/C:P/I:N/A:N
Exploit: public exploit available
EPSS: 3.26% (86.8th percentile)
Directory traversal vulnerability in downlot.php in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
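The bug class described above, modelled in Python as an added example for this page (this is not Lokomedia CMS code; the real downlot.php source is not reproduced here). The "vulnerable" handler reproduces the reported pattern, a user-controlled `file` parameter joined onto the download directory and read as-is, beside a hardened handler that canonicalises the path and checks containment. The directory layout, file names and the fake credential string are all constructed for the demonstration.

```python
"""Directory traversal in a download handler: vulnerable pattern vs. hardened form.

Added example for this page, not Lokomedia CMS code. The web-root layout
(files/ as download directory, config/koneksi.php holding fake credentials)
is constructed here so the block runs offline.
"""
import os
import tempfile


def vulnerable_download(base_dir: str, file_param: str) -> bytes:
    # Mirrors the reported bug class: the `file` parameter is concatenated
    # onto the download directory and opened as-is, so "../" walks out of it.
    path = os.path.join(base_dir, file_param)
    with open(path, "rb") as fh:
        return fh.read()


def safe_download(base_dir: str, file_param: str) -> bytes:
    # 1. Cheap up-front rejections (defence in depth, not the real control).
    if "\x00" in file_param or file_param.startswith(("/", "\\")):
        raise PermissionError("rejected: absolute path or NUL byte")
    # 2. The real control: resolve symlinks and "..", then require the
    #    resolved path to sit inside the resolved download directory.
    root = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(root, file_param))
    if os.path.commonpath([root, candidate]) != root:
        raise PermissionError(f"rejected: {file_param!r} escapes {base_dir}")
    # 3. Serve regular files only (a bare "" would resolve to the root dir).
    if not os.path.isfile(candidate):
        raise FileNotFoundError(file_param)
    with open(candidate, "rb") as fh:
        return fh.read()


def build_demo_tree() -> str:
    """Constructed web root: files/ is the download dir; config/koneksi.php
    holds a fake DB password that must never be served."""
    root = tempfile.mkdtemp(prefix="lokomedia_demo_")
    os.makedirs(os.path.join(root, "files"))
    os.makedirs(os.path.join(root, "config"))
    with open(os.path.join(root, "files", "brochure.pdf"), "wb") as fh:
        fh.write(b"%PDF-1.4 constructed demo file\n")
    with open(os.path.join(root, "config", "koneksi.php"), "wb") as fh:
        fh.write(b"<?php $password = 'constructed-secret'; ?>\n")
    return root


def demo() -> dict:
    """Run the advisory's payload against both handlers and report outcomes."""
    root = build_demo_tree()
    files_dir = os.path.join(root, "files")
    payload = "../config/koneksi.php"  # the path from the public exploit
    results = {
        "vulnerable_leaks_config": b"constructed-secret"
        in vulnerable_download(files_dir, payload),
        "safe_serves_legit": safe_download(files_dir, "brochure.pdf").startswith(b"%PDF"),
    }
    for key, bad in (("safe_blocks_traversal", payload),
                     ("safe_blocks_absolute", "/etc/hostname")):
        try:
            safe_download(files_dir, bad)
            results[key] = False
        except PermissionError:
            results[key] = True
    return results


if __name__ == "__main__":
    print(demo())
```

The equivalent fix in PHP is the same shape: `realpath()` both the download directory and the joined path, then require the resolved file to start with the resolved directory plus a separator; note that PHP's `realpath()` returns `false` for a non-existent path, which must be treated as a rejection rather than passed on to `strpos()`.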
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bukulokomedia | lokomedia_cms | 1.4.1 | — |
| bukulokomedia | lokomedia_cms | 2.0 | — |
| msrc | microsoft_office_2010_service_pack_2 | — | — |
| msrc | microsoft_office_2016_click-to-run_for_32-bit_editions | — | — |
| msrc | microsoft_office_2016_click-to-run_for_64-bit_editions | — | — |
| msrc | microsoft_office_2016_for_mac | — | — |
| msrc | microsoft_office_online_server_2016 | — | — |
| msrc | microsoft_office_web_apps_2010_service_pack_2 | — | — |
| msrc | microsoft_office_web_apps_server_2013_service_pack_1 | — | — |
| msrc | microsoft_sharepoint_enterprise_server_2013_service_pack_1 | — | — |
| msrc | microsoft_sharepoint_enterprise_server_2016 | — | — |
| msrc | microsoft_sharepoint_server_2010_service_pack_2 | — | — |
| msrc | microsoft_word_2010_service_pack_2 | — | — |
| msrc | microsoft_word_2013_rt_service_pack_1 | — | — |
| msrc | microsoft_word_2013_service_pack_1 | — | — |
| msrc | microsoft_word_2016 | — | — |
CVSS provenance
nvd (v2.0): 5.0 MEDIUM, AV:N/AC:L/Au:N/C:P/I:N/A:N
vendor_msrc: 7.5 LOW
GHSA
GHSA-h6wg-55h3-3874: Directory traversal vulnerability in downlot
ghsa_unreviewed·2022-05-17
CVE-2010-2018 [MEDIUM] CWE-22 GHSA-h6wg-55h3-3874: Directory traversal vulnerability in downlot
Directory traversal vulnerability in downlot.php in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
Palo Alto
PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
vendor_paloalto·2024-09-04·CVSS 6.0
CVE-2022-22965 [MEDIUM] PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS software. While PAN-OS software may include the
CVEs: CVE-2010-1622, CVE-2015-7552, CVE-2018-16840, CVE-2019-7639, CVE-2020-17049, CVE-2020-7774, CVE-2021-0131, CVE-2021-0132, CVE-2021-0133, CVE-2021-0134, CVE-2021-4044, CVE-2021-4160, CVE-2021-41773, CVE-2022-1343, CVE-2022-21449, CVE-2022-2274, CVE-2022-22963, CVE-2022-22965, CVE-2022-24697, CVE-2022-32207, CVE-2022-3358, CVE-2022-3996, CVE-2022-40664, CVE-2022-44792, CVE-2022-44793, CVE-2023-1255, CVE-2023-22809, CVE-2023-23919, CVE-2023-3341, CVE-2023-4236, CVE-2023-4863, CVE-2023-51767
Affected products: PAN-OS
Suricata
ET WEB_CLIENT Possible Javascript obfuscation using app.setTimeOut in PDF in Order to Run Code
suricata·2010-10-29
CVE-2018-4980 ET WEB_CLIENT Possible Javascript obfuscation using app.setTimeOut in PDF in Order to Run Code
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_CLIENT Possible Javascript obfuscation using app.setTimeOut in PDF in Order to Run Code"; flow:established,to_client; file.data; content:"PDF-"; depth:300; content:"app.setTimeOut("; fast_pattern; nocase; distance:0; reference:url,www.h-online.com/security/features/CSI-Internet-PDF-timebomb-1038864.html?page=4; reference:url,www.vicheck.ca/md5query.php?hash=6932d141916cd95e3acaa3952c7596e4; reference:cve,2018-4980; reference:cve,2018-4961; classtype:bad-unknown; sid:2011868; rev:6; metadata:affected_product Web_Browsers, affected_product Web_Browser_Plugins, attack_target Client_Endpoint, created_at 2010_10_29, cve CVE_2018_4980, d
Exploit-DB
Lokomedia CMS - 'sukaCMS' Local File Disclosure
exploitdb·2010-05-18
CVE-2010-2018 Lokomedia CMS - 'sukaCMS' Local File Disclosure
---
# Software Link: http://bukulokomedia.com
# Version: [2.0]
# Tested on: [all OS]
[+] Title : Local File Disclosure Vulnerability Lokomedia CMS (sukaCMS)
[+] Vendor : http://bukulokomedia.com
[+] Discovered : vir0e5 a.k.a banditc0de
[+] Contact : vir0e5[at]hackermail[dot]com
[+] Site : http://vir0e5.blogspot.com
[+] DorK : inurl:/downlot.php?file=
[+] Exploit : http://[host]/[dir]/downlot.php?file=../config/koneksi.php
[+] Greetings :[ mywisdom - kiddies - kamtiez - r3m1ck - Aoc - skuteng_boy - blue_screen - agdi_cool - dangercode14045 - dewancc and YOU!!!! ] ;
[+] Forum [as member] : http://indonesian-cyber.org | http://tecon-crew.org | http://u3dcrew.darkbb.com | http://devilzc0de.org
[+] Notice : "boycott malaysian product "
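The exploit above is a single GET to downlot.php with `file=../config/koneksi.php`, which is easy to spot in web-server logs once the query string is decoded. The following detector is an added example for this page, not vendor or project detection content: it parses combined-format access log lines (constructed here, including percent-encoded, double-encoded and backslash variants of the payload), normalises the `file` parameter, and reports every downlot.php request whose decoded value contains a `..` path segment. The decoding rules are generic and not specific to Lokomedia CMS.

```python
"""Flag directory-traversal attempts against downlot.php in access logs.

Added example for this page. SAMPLE_LOG is constructed in Apache/nginx
combined-log style; addresses are documentation ranges (RFC 5737).
"""
import re
from urllib.parse import unquote, urlsplit

SAMPLE_LOG = '''
203.0.113.7 - - [18/May/2010:10:01:02 +0000] "GET /cms/downlot.php?file=brochure.pdf HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [18/May/2010:10:02:15 +0000] "GET /cms/downlot.php?file=../config/koneksi.php HTTP/1.1" 200 318 "-" "curl/7.19"
198.51.100.4 - - [18/May/2010:10:03:44 +0000] "GET /cms/downlot.php?file=..%2F..%2Fconfig%2Fkoneksi.php HTTP/1.1" 200 318 "-" "python-urllib"
198.51.100.4 - - [18/May/2010:10:03:50 +0000] "GET /cms/downlot.php?file=%252e%252e/config/koneksi.php HTTP/1.1" 200 318 "-" "python-urllib"
192.0.2.33 - - [18/May/2010:10:05:01 +0000] "GET /cms/index.php?page=home HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
192.0.2.34 - - [18/May/2010:10:06:01 +0000] "GET /cms/downlot.php?file=..%5C..%5Cconfig%5Ckoneksi.php HTTP/1.1" 404 0 "-" "Mozilla/5.0"
'''.strip().splitlines()

# Combined log format: ip ident user [ts] "METHOD target PROTO" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)


def normalize(value: str, rounds: int = 2) -> str:
    """Percent-decode up to `rounds` times (catches %252e double encoding),
    fold backslashes to '/', and cut at an embedded NUL the way C string
    handling in older PHP would."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/").split("\x00", 1)[0]


def is_traversal(file_param: str) -> bool:
    """True if the decoded value has a '..' path segment or is absolute.
    Segment-based so that a legitimate name like 'a..b.pdf' is not flagged."""
    norm = normalize(file_param)
    return ".." in norm.split("/") or norm.startswith("/")


def raw_query_values(query: str, key: str):
    """Yield still-encoded values for `key`; parse_qs would decode once and
    hide how many encoding layers the attacker used."""
    for pair in query.split("&"):
        k, _, v = pair.partition("=")
        if k == key:
            yield v


def scan(lines):
    """Return one hit per request that targets downlot.php with a traversal payload."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("target"))
        if not parts.path.endswith("/downlot.php"):
            continue
        for raw in raw_query_values(parts.query, "file"):
            if is_traversal(raw):
                hits.append({
                    "ip": m.group("ip"),
                    "ts": m.group("ts"),
                    "status": m.group("status"),
                    "raw": raw,
                    "decoded": normalize(raw),
                })
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(f'{hit["ip"]} {hit["status"]} {hit["decoded"]}  (raw: {hit["raw"]})')
```

A 200 response with a non-zero body on one of these hits is the signal to treat as a probable disclosure of config/koneksi.php and rotate whatever credentials it held; a 404 shows the same attacker probing, so the source address is still worth a block.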
Nuclei
Lokomedia CMS - Local File Inclusion
nuclei·CVSS 5.0
CVE-2010-2018 [MEDIUM] Lokomedia CMS - Local File Inclusion
A Local File Inclusion (LFI) vulnerability exists in Lokomedia CMS. The application allows an attacker to include files on the server that should not be accessible, potentially exposing sensitive information.
Template:
```yaml
id: CVE-2010-2018

info:
  name: Lokomedia CMS - Local File Inclusion
  author: r3Y3r53
  severity: high
  description: A Local File Inclusion (LFI) vulnerability exists in Lokomedia CMS. The application allows an attacker to include files on the server that should not be accessible, potentially exposing sensitive information.
  impact: |
    Attackers can read sensitive files from the server, potentially leading to information disclosure.
  remediation: |
    Update to the latest version or apply security patches to fix the vulnerability.
  reference:
    - ht
```
Fortinet
Patch Your Microsoft Outlook: Fortinet Discovered Four Outlook Remote Code Execution Vulnerabilities
blogs_fortinet·2018-11-13·CVSS 7.8
[HIGH] Patch Your Microsoft Outlook: Fortinet Discovered Four Outlook Remote Code Execution Vulnerabilities
FORTIGUARD LABS THREAT RESEARCH
Patch Your Microsoft Outlook: Fortinet Discovered Four Outlook Remote Code Execution Vulnerabilities
By Yonghui Han | November 13, 2018
FortiGuard Labs Breaking Threat Research
This Patch Tuesday, November 13, 2018, Microsoft patched six vulnerabilities discovered in Microsoft Outlook. Four of them were discovered and reported by Fortinet researcher Yonghui Han by following Fortinet’s responsible disclosure process. The CVE numbers assigned to them are CVE-2018-8522, CVE-2018-8524, CVE-2018-8576 and CVE-2018-8582. All Microsoft Outlook versions from 2010 to 2019 are affected. All four of these vulnerabilities could lead to remote code execution and have been given an Important rating by Microsoft. In this post we will provide more details on these
Qualys
October 2018 Patch Tuesday – 49 Vulns, Critical browser patches, Hyper-V, Adobe vulns
blogs_qualys·2018-10-09·CVSS 9.3
CVE-2010-3190 [CRITICAL] October 2018 Patch Tuesday – 49 Vulns, Critical browser patches, Hyper-V, Adobe vulns
In this month’s Patch Tuesday release there are 49 vulnerabilities patched with 12 Criticals. Out of the criticals, over half are browser-related, with the rest including Hyper-V and MSXML Parser. Microsoft Exchange covers CVE-2010-3190 which was not identified as in-scope product when originally published, per Microsoft. Microsoft Office covers 9 Important CVEs including Sharepoint and Graphics component.
## Workstation Patches
Browser and Scripting Engine patches should be prioritized for workstation-type devices, meaning any system that is used for email or to access the internet via a browser. This includes multi-user servers that are used as remote desktops for users. There are 23 CVEs in total for Windows.
## Hyper-V Hypervisor Escape
Two remote code execution vulnerabilities ( CVE-
Krebs
Flash, Windows Users: It’s Time to Patch
blogs_krebs·2018-03-13·CVSS 7.5
[HIGH] Flash, Windows Users: It’s Time to Patch
Adobe and Microsoft each pushed critical security updates to their products today. Adobe’s got a new version of Flash Player available, and Microsoft released 14 updates covering more than 75 vulnerabilities, two of which were publicly disclosed prior to today’s patch release.
All of the critical vulnerabilities from Microsoft are in browsers and browser-related technologies, according to a post from security firm Qualys.
“It is recommended that these be prioritized for workstation-type devices,” wrote Jimmy Graham, director of product management at Qualys. “Any system that accesses the Internet via a browser should be patched.”
The Microsoft vulnerabilities that were publicly disclosed prior to today involve Microsoft Exchange Server 2010 through 2016 editions (CVE-2018-0940) and ASP.N
References:
- http://osvdb.org/64747
- http://packetstormsecurity.org/1005-exploits/lokomediacms-disclose.txt
- http://secunia.com/advisories/39863
- http://www.exploit-db.com/exploits/12651
- https://exchange.xforce.ibmcloud.com/vulnerabilities/58670