Summary
This host is running phpCOIN and is prone to local file include vulnerability.
Impact
Successful exploitation will allow attacker to obtain sensitive information and attacker can include arbitrary files.
Impact Level: Application.
Solution
Upgrade to phpCOIN version 1.6.5 or higher
Insight
The flaw exists in 'mod.php' as it fails to properly sanitize user-supplied data, which allows remote attacker to include arbitrary files.
Affected
phpCOIN version 1.2.1 and prior
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2010-0953 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apache Roller 'q' Parameter Cross Site Scripting Vulnerability
- Apache Continuum Cross Site Scripting Vulnerability
- Apache Tomcat Cross-Site Scripting and Security Bypass Vulnerabilities
- Apache OFBiz Multiple Cross Site Scripting Vulnerabilities
- Apache Struts Showcase Multiple Persistence Cross-Site Scripting Vulnerabilities