← back
CVE-2010-2456

CVE-2010-2456

EPSS 2.0%
Multiple directory traversal vulnerabilities in index.php in Linker IMG 1.0 and earlier allow remote attackers to read and execute arbitrary local files via a URL in the (1) cook_lan cookie parameter ($lan_dir variable) or possibly (2) Sdb_type parameter. NOTE: this was originally reported as remote file inclusion, but this may be inaccurate.
Affected products
n/a · n/a
public PoCs found3
cve_referencepacketstormsecurity.org/1006-exploits/linkerimg-rfi.txtunverifiedcve_referencewww.exploit-db.com/exploits/13964unverifiedexploitdbwww.exploit-db.com/exploits/13964unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.org/1006-exploits/linkerimg-rfi.txthttps://exchange.xforce.ibmcloud.com/vulnerabilities/59614http://www.attrition.org/pipermail/vim/2010-June/002354.htmlhttp://www.exploit-db.com/exploits/13964http://www.vupen.com/english/advisories/2010/1562