Multiple PHP remote file inclusion vulnerabilities in ClearSite Beta 4.50, and possibly other versions, allow remote attackers to execute arbitrary PHP code via a URL in the cs_base_path parameter to (1) docs.php and (2) include/admin/device_admin.php. NOTE: the header.php vector is already covered by CVE-2009-3306. NOTE: this issue may be due to a variable extraction error.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-06-03T14:00:00

Updated: 2024-08-07T02:25:06.876Z

Reserved: 2010-06-03T00:00:00

Link: CVE-2010-2145

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2010-06-03T14:30:01.727

Modified: 2018-10-10T19:58:33.973

Link: CVE-2010-2145

cve-icon Redhat

No data.