Direct News Multiple Remote File Include Vulnerabilities Network Vulnerability

Summary

Direct News is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the computer other attacks are also possible. Direct News 4.10.2 is vulnerable other versions may be affected as well.

References

http://www.direct-news.net
http://www.securityfocus.com/bid/38975

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-1342
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Apache Subversion Module Metadata Accessible
Aker Secure Mail Gateway Cross-Site Scripting Vulnerability
Apache Struts2 showcase namespace XSS Vulnerability
@Mail WebMail Email Body HTML Injection Vulnerability
Apache ActiveMQ Persistent Cross-Site Scripting Vulnerability

Take action and discover your vulnerabilities