SecuritySpace - CVE-2010-0976

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2010-0976

Description: Acidcat CMS 3.5.x does not prevent access to install.asp after installation finishes, which might allow remote attackers to restart the installation process and have unspecified other impact via requests to install.asp and other install_*.asp scripts. NOTE: the final installation screen states "Important: you must now delete all files beginning with 'install' from the root directory."

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2010-0976
http://www.exploit-db.com/exploits/10972
http://packetstormsecurity.org/1001-exploits/acidcatcms-disclose.txt
XForce ISS Database: acidcat-install-info-disclosure(55331)
https://exchange.xforce.ibmcloud.com/vulnerabilities/55331

CVE ID:	CVE-2010-0976
Description:	Acidcat CMS 3.5.x does not prevent access to install.asp after installation finishes, which might allow remote attackers to restart the installation process and have unspecified other impact via requests to install.asp and other install_*.asp scripts. NOTE: the final installation screen states "Important: you must now delete all files beginning with 'install' from the root directory."
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0976 http://www.exploit-db.com/exploits/10972 http://packetstormsecurity.org/1001-exploits/acidcatcms-disclose.txt XForce ISS Database: acidcat-install-info-disclosure(55331) https://exchange.xforce.ibmcloud.com/vulnerabilities/55331