Summary
Direct News is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.
Exploiting these issues may allow an attacker to compromise the application and the computer
other attacks are also possible.
Direct News 4.10.2 is vulnerable
other versions may be
affected as well.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2010-1342 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apache Solr Directory Traversal Vulnerability Jan-14
- Apache ActiveMQ Source Code Information Disclosure Vulnerability
- Aker Secure Mail Gateway Cross-Site Scripting Vulnerability
- Apache ActiveMQ 'Cron Jobs' Cross Site Scripting Vulnerability
- Apache Tomcat HTTP BIO Connector Information Disclosure Vulnerability