SecuritySpace - CVE-2010-1351

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2010-1351

Description: Multiple PHP remote file inclusion vulnerabilities in Nodesforum 1.033 and 1.045, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) _nodesforum_path_from_here_to_nodesforum_folder parameter to erase_user_data.php and the (2) _nodesforum_code_path parameter to pre_output.php. NOTE: some of these details are obtained from third party information.

Test IDs: 1.3.6.1.4.1.25623.1.0.902040

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2010-1351
http://www.exploit-db.com/exploits/12047
http://secunia.com/advisories/39311
XForce ISS Database: nodesforum-preoutput-file-include(57517)
https://exchange.xforce.ibmcloud.com/vulnerabilities/57517

CVE ID:	CVE-2010-1351
Description:	Multiple PHP remote file inclusion vulnerabilities in Nodesforum 1.033 and 1.045, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) _nodesforum_path_from_here_to_nodesforum_folder parameter to erase_user_data.php and the (2) _nodesforum_code_path parameter to pre_output.php. NOTE: some of these details are obtained from third party information.
Test IDs:	1.3.6.1.4.1.25623.1.0.902040
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2010-1351 http://www.exploit-db.com/exploits/12047 http://secunia.com/advisories/39311 XForce ISS Database: nodesforum-preoutput-file-include(57517) https://exchange.xforce.ibmcloud.com/vulnerabilities/57517