CVE-2010-5278 - OpenCVE

Directory traversal vulnerability in manager/controllers/default/resource/tvs.php in MODx Revolution 2.0.2-pl, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the class_key parameter. NOTE: some of these details are obtained from third party information.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Modx	Modx Revolution

Configuration 1 [-]

cpe:2.3:a:modx:modx_revolution:*:*:*:*:*:*:*:*

References

Link	Resource
http://modxcms.com/forums/index.php/topic%2C55104.0.html
http://modxcms.com/forums/index.php/topic%2C55105.msg317273.html
http://packetstormsecurity.org/1009-exploits/modx202pl-lfi.txt	Third Party Advisory
http://secunia.com/advisories/41638	Vendor Advisory
http://www.johnleitch.net/Vulnerabilities/MODx.Revolution.2.0.2-pl.Local.File.Inclusion/49	Third Party Advisory
http://www.osvdb.org/68265	Broken Link
http://www.securityfocus.com/bid/43577	Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/62073	Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2012-10-07T20:00:00

Updated: 2017-08-28T12:57:01

Reserved: 2012-10-07T00:00:00

Link: CVE-2010-5278

JSON object: View

NVD Information

Status : Modified

Published: 2012-10-07T20:55:00.907

Modified: 2023-11-07T02:06:37.403

Link: CVE-2010-5278

JSON object: View

Redhat Information

No data.

CWE

CWE-22

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-09-29T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in manager/controllers/default/resource/tvs.php in MODx Revolution 2.0.2-pl, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the class_key parameter. NOTE: some of these details are obtained from third party information."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.org/1009-exploits/modx202pl-lfi.txt"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://modxcms.com/forums/index.php/topic%2C55104.0.html"}, {"name": "43577", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/43577"}, {"name": "41638", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/41638"}, {"name": "modx-classkey-file-include(62073)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62073"}, {"tags": ["x_refsource_MISC"], "url": "http://www.johnleitch.net/Vulnerabilities/MODx.Revolution.2.0.2-pl.Local.File.Inclusion/49"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://modxcms.com/forums/index.php/topic%2C55105.msg317273.html"}, {"name": "68265", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/68265"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-5278", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in manager/controllers/default/resource/tvs.php in MODx Revolution 2.0.2-pl, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the class_key parameter. NOTE: some of these details are obtained from third party information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://packetstormsecurity.org/1009-exploits/modx202pl-lfi.txt", "refsource": "MISC", "url": "http://packetstormsecurity.org/1009-exploits/modx202pl-lfi.txt"}, {"name": "http://modxcms.com/forums/index.php/topic,55104.0.html", "refsource": "CONFIRM", "url": "http://modxcms.com/forums/index.php/topic,55104.0.html"}, {"name": "43577", "refsource": "BID", "url": "http://www.securityfocus.com/bid/43577"}, {"name": "41638", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/41638"}, {"name": "modx-classkey-file-include(62073)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62073"}, {"name": "http://www.johnleitch.net/Vulnerabilities/MODx.Revolution.2.0.2-pl.Local.File.Inclusion/49", "refsource": "MISC", "url": "http://www.johnleitch.net/Vulnerabilities/MODx.Revolution.2.0.2-pl.Local.File.Inclusion/49"}, {"name": "http://modxcms.com/forums/index.php/topic,55105.msg317273.html", "refsource": "CONFIRM", "url": "http://modxcms.com/forums/index.php/topic,55105.msg317273.html"}, {"name": "68265", "refsource": "OSVDB", "url": "http://www.osvdb.org/68265"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-5278", "datePublished": "2012-10-07T20:00:00", "dateReserved": "2012-10-07T00:00:00", "dateUpdated": "2017-08-28T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:modx:modx_revolution:*:*:*:*:*:*:*:*", "matchCriteriaId": "8AEC803A-6C54-44B5-99BF-653201E59740", "versionEndIncluding": "2.0.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in manager/controllers/default/resource/tvs.php in MODx Revolution 2.0.2-pl, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the class_key parameter. NOTE: some of these details are obtained from third party information."}, {"lang": "es", "value": "Vulnerabilidad de salto de directorio en manager/controllers/default/resource/tvs.php n MODx Revolution v2.0.2-pl, y posiblemente anteriores, cuando est\u00e1 deshabilitado magic_quotes_gpc, permite a atacantes remotos leer ficheros locales al utilizar caracteres .. (punto punto) en el par\u00e1metro class_key. NOTA: algunos detalles se han obtenidos de terceros."}], "id": "CVE-2010-5278", "lastModified": "2023-11-07T02:06:37.403", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-10-07T20:55:00.907", "references": [{"source": "cve@mitre.org", "url": "http://modxcms.com/forums/index.php/topic%2C55104.0.html"}, {"source": "cve@mitre.org", "url": "http://modxcms.com/forums/index.php/topic%2C55105.msg317273.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://packetstormsecurity.org/1009-exploits/modx202pl-lfi.txt"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/41638"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.johnleitch.net/Vulnerabilities/MODx.Revolution.2.0.2-pl.Local.File.Inclusion/49"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.osvdb.org/68265"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/43577"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62073"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}