cve/CVE-2010-1003.md at a1f7af13e63bb8df7e5f4b4213aa3bc22aa59913

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

Directory traversal vulnerability in www/editor/tiny_mce/langs/language.php in eFront 3.5.x through 3.5.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the langname parameter.

POC

Reference

http://www.coresecurity.com/content/efront-php-file-inclusion

Github

No PoCs found on GitHub currently.

713 B Raw Blame History

CVE-2010-1003

Description

POC

Reference

Github

713 B

Raw Blame History