Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2010-4399
Deferred
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-06 Dec, 2010 | 13:37
Updated At-11 Apr, 2025 | 00:51

Directory traversal vulnerability in languages.inc.php in DynPG CMS 4.1.1 and 4.2.0, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the CHG_DYNPG_SET_LANGUAGE parameter to index.php. NOTE: some of these details are obtained from third party information.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
Type: Primary
Version: 2.0
Base score: 4.3
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:P/I:N/A:N
CPE Matches
dynpg
dynpg
>>dynpg>>4.1.1
cpe:2.3:a:dynpg:dynpg:4.1.1:*:*:*:*:*:*:*
dynpg
dynpg
>>dynpg>>4.2.0
cpe:2.3:a:dynpg:dynpg:4.2.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-22Primarynvd@nist.gov
CWE ID: CWE-22
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://osvdb.org/69539cve@mitre.org
N/A
http://packetstormsecurity.org/files/view/96230/dynpg-lfisqldisclose.txtcve@mitre.org
Exploit
http://secunia.com/advisories/42380cve@mitre.org
Vendor Advisory
http://www.dynpg.org/cms-freeware_en.php?t=DynPG+Update+4.2.1+Security+Update&read_article=226cve@mitre.org
Patch
http://www.exploit-db.com/exploits/15646cve@mitre.org
Exploit
http://www.htbridge.ch/advisory/lfi_in_dynpg.htmlcve@mitre.org
Exploit
http://www.securityfocus.com/bid/45115cve@mitre.org
Exploit
http://osvdb.org/69539af854a3a-2127-422b-91ae-364da2661108
N/A
http://packetstormsecurity.org/files/view/96230/dynpg-lfisqldisclose.txtaf854a3a-2127-422b-91ae-364da2661108
Exploit
http://secunia.com/advisories/42380af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.dynpg.org/cms-freeware_en.php?t=DynPG+Update+4.2.1+Security+Update&read_article=226af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.exploit-db.com/exploits/15646af854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.htbridge.ch/advisory/lfi_in_dynpg.htmlaf854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.securityfocus.com/bid/45115af854a3a-2127-422b-91ae-364da2661108
Exploit
Hyperlink: http://osvdb.org/69539
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://packetstormsecurity.org/files/view/96230/dynpg-lfisqldisclose.txt
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://secunia.com/advisories/42380
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.dynpg.org/cms-freeware_en.php?t=DynPG+Update+4.2.1+Security+Update&read_article=226
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://www.exploit-db.com/exploits/15646
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://www.htbridge.ch/advisory/lfi_in_dynpg.html
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://www.securityfocus.com/bid/45115
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://osvdb.org/69539
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://packetstormsecurity.org/files/view/96230/dynpg-lfisqldisclose.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://secunia.com/advisories/42380
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.dynpg.org/cms-freeware_en.php?t=DynPG+Update+4.2.1+Security+Update&read_article=226
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://www.exploit-db.com/exploits/15646
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://www.htbridge.ch/advisory/lfi_in_dynpg.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://www.securityfocus.com/bid/45115
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Change History
0Changes found
Details not found