CVE-2010-2859
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
news.php in SimpNews 2.47.3 and earlier allows remote attackers to obtain sensitive information via an invalid lang parameter, which reveals the installation path in an error message.
news.php en SimpNews 2.47.3, y versiones anteriores, permite a atacantes remotos obtener información sensible mediante un parámetro lang inválido, lo que revela la ruta de instalación en un mensaje de error.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2010-07-23 CVE Reserved
- 2010-07-23 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/archive/1/512271/100/0/threaded | Mailing List |
| URL | Date | SRC |
|---|---|---|
| http://packetstormsecurity.org/1007-exploits/simpnews-xss.txt | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | <= 2.47.03 Search vendor "Boesch-it" for product "Simpnews" and version " <= 2.47.03" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.0.1 Search vendor "Boesch-it" for product "Simpnews" and version "2.0.1" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.13 Search vendor "Boesch-it" for product "Simpnews" and version "2.13" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.30 Search vendor "Boesch-it" for product "Simpnews" and version "2.30" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.30.2 Search vendor "Boesch-it" for product "Simpnews" and version "2.30.2" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.30.6 Search vendor "Boesch-it" for product "Simpnews" and version "2.30.6" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.31.0 Search vendor "Boesch-it" for product "Simpnews" and version "2.31.0" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.32.0 Search vendor "Boesch-it" for product "Simpnews" and version "2.32.0" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.32.1 Search vendor "Boesch-it" for product "Simpnews" and version "2.32.1" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.33.0 Search vendor "Boesch-it" for product "Simpnews" and version "2.33.0" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.33.01 Search vendor "Boesch-it" for product "Simpnews" and version "2.33.01" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.34 Search vendor "Boesch-it" for product "Simpnews" and version "2.34" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.34.0 Search vendor "Boesch-it" for product "Simpnews" and version "2.34.0" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.34.01 Search vendor "Boesch-it" for product "Simpnews" and version "2.34.01" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.35.00 Search vendor "Boesch-it" for product "Simpnews" and version "2.35.00" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.36.00 Search vendor "Boesch-it" for product "Simpnews" and version "2.36.00" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.37.00 Search vendor "Boesch-it" for product "Simpnews" and version "2.37.00" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.37.01 Search vendor "Boesch-it" for product "Simpnews" and version "2.37.01" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.37.02 Search vendor "Boesch-it" for product "Simpnews" and version "2.37.02" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.38 Search vendor "Boesch-it" for product "Simpnews" and version "2.38" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.38.02 Search vendor "Boesch-it" for product "Simpnews" and version "2.38.02" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.38.03 Search vendor "Boesch-it" for product "Simpnews" and version "2.38.03" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.38.04 Search vendor "Boesch-it" for product "Simpnews" and version "2.38.04" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.39.0 Search vendor "Boesch-it" for product "Simpnews" and version "2.39.0" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.40.01 Search vendor "Boesch-it" for product "Simpnews" and version "2.40.01" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.41.0 Search vendor "Boesch-it" for product "Simpnews" and version "2.41.0" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.41.02 Search vendor "Boesch-it" for product "Simpnews" and version "2.41.02" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.41.03 Search vendor "Boesch-it" for product "Simpnews" and version "2.41.03" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.42.0 Search vendor "Boesch-it" for product "Simpnews" and version "2.42.0" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.42.01 Search vendor "Boesch-it" for product "Simpnews" and version "2.42.01" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.44.00 Search vendor "Boesch-it" for product "Simpnews" and version "2.44.00" | - |
Affected
| ||||||
| Boesch-it Search vendor "Boesch-it" | Simpnews Search vendor "Boesch-it" for product "Simpnews" | 2.47.00 Search vendor "Boesch-it" for product "Simpnews" and version "2.47.00" | - |
Affected
| ||||||