LetoDMS 'lang' Parameter Local File Include Vulnerability

Bugtraq ID: 37828
Class: Input Validation Error
CVE: CVE-2010-2006
Remote: Yes
Local: No
Published: Jan 15 2010 12:00AM
Updated: Jan 17 2011 06:51AM
Credit: D. Fabian and L. Weichselbaum from SEC Consult
Vulnerable: MyDMS MyDMS 1.4.3
MyDMS MyDMS 1.4.2
MyDMS MyDMS 1.4.1
MyDMS MyDMS 1.4
LetoDMS LetoDMS 1.7.2
Debian Linux 5.0 sparc
Debian Linux 5.0 s/390
Debian Linux 5.0 powerpc
Debian Linux 5.0 mipsel
Debian Linux 5.0 mips
Debian Linux 5.0 m68k
Debian Linux 5.0 ia-64
Debian Linux 5.0 ia-32
Debian Linux 5.0 hppa
Debian Linux 5.0 armel
Debian Linux 5.0 arm
Debian Linux 5.0 amd64
Debian Linux 5.0 alpha
Debian Linux 5.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus