Multiple directory traversal vulnerabilities in ProMan 0.1.1 and earlier allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the _SESSION[userLang] parameter to (1) elisttasks.php, (2) managepmanagers.php, (3) manageusers.php, (4) helpfunc.php, (5) managegroups.php, (6) manageprocess.php, and (7) manageusersgroups.php.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2010-06-02T18:14:00
Updated: 2024-08-07T02:25:06.909Z
Reserved: 2010-06-02T00:00:00
Link: CVE-2010-2138
Vulnrichment
No data.
NVD
Status : Modified
Published: 2010-06-02T18:30:01.227
Modified: 2017-08-17T01:32:37.853
Link: CVE-2010-2138
Redhat
No data.