Direct News Multiple Remote File Include Vulnerabilities Network Vulnerability

Summary

Direct News is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the computer other attacks are also possible. Direct News 4.10.2 is vulnerable other versions may be affected as well.

References

http://www.direct-news.net
http://www.securityfocus.com/bid/38975

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-1342

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Apache Struts2 'XWork' Information Disclosure Vulnerability
Apple Safari Multiple Vulnerabilities
1024 CMS 1.1.0 Beta 'force_download.php' Local File Include Vulnerability
Allegro RomPager HTTP Referer Header Cross Site Scripting Vulnerability
Apache Tomcat NIO Connector Denial of Service Vulnerability

Take action and discover your vulnerabilities