CVE-2010-1466 - Vulnerability Details - OpenCVE

Directory traversal vulnerability in scr/soustab.php in openUrgence Vaccin 1.03 allows remote attackers to read arbitrary files via the dsn[phptype] parameter.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Francois Raynaud	Openurgence Vaccin

Configuration 1 [-]

cpe:2.3:a:francois_raynaud:openurgence_vaccin:1.03:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://secunia.com/advisories/39400
http://www.exploit-db.com/exploits/12193
http://www.securityfocus.com/bid/39412
https://exchange.xforce.ibmcloud.com/vulnerabilities/57816

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-04-16T19:00:00

Updated: 2024-08-07T01:28:40.979Z

Reserved: 2010-04-16T00:00:00

Link: CVE-2010-1466

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2010-04-16T19:30:00.710

Modified: 2025-04-11T00:51:21.963

Link: CVE-2010-1466

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-04-13T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in scr/soustab.php in openUrgence Vaccin 1.03 allows remote attackers to read arbitrary files via the dsn[phptype] parameter."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "39400", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/39400"}, {"name": "39412", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/39412"}, {"name": "12193", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/12193"}, {"name": "vaccin-soustab-file-include(57816)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57816"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2010-1466", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in scr/soustab.php in openUrgence Vaccin 1.03 allows remote attackers to read arbitrary files via the dsn[phptype] parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "39400", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/39400"}, {"name": "39412", "refsource": "BID", "url": "http://www.securityfocus.com/bid/39412"}, {"name": "12193", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/12193"}, {"name": "vaccin-soustab-file-include(57816)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57816"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T01:28:40.979Z"}, "title": "CVE Program Container", "references": [{"name": "39400", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/39400"}, {"name": "39412", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/39412"}, {"name": "12193", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/12193"}, {"name": "vaccin-soustab-file-include(57816)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57816"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-1466", "datePublished": "2010-04-16T19:00:00", "dateReserved": "2010-04-16T00:00:00", "dateUpdated": "2024-08-07T01:28:40.979Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:francois_raynaud:openurgence_vaccin:1.03:*:*:*:*:*:*:*", "matchCriteriaId": "656DD130-DE29-4D1A-A346-EE0A774DBDA1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in scr/soustab.php in openUrgence Vaccin 1.03 allows remote attackers to read arbitrary files via the dsn[phptype] parameter."}, {"lang": "es", "value": "Vulnerabilidad de salto de directorio en scr/soustab.php en openUrgence Vaccin v1.03 permite a atacantes leer archivos de su elecci\u00f3n a trav\u00e9s del par\u00e1metro dsn[phptype]."}], "id": "CVE-2010-1466", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-04-16T19:30:00.710", "references": [{"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/39400"}, {"source": "[email protected]", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/12193"}, {"source": "[email protected]", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/39412"}, {"source": "[email protected]", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57816"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/39400"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/12193"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/39412"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57816"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "[email protected]", "type": "Primary"}]}