CVE-2010-2476

Summary

syscp 1.4.2.1 allows attackers to add arbitrary paths via the documentroot of a domain by appending a colon to it and setting the open basedir path to use that domain documentroot.

Affected Software

VendorProductVersion RangeStatus
syscpsyscp1.4.2.1affected

Weaknesses

  • open_basedir bypassing

ADP Enrichment

CVE Program Container

Additional References

References