CVE-2010-0989 | SynScan

Vulnerability Database

291,049

Total vulnerabilities in the database

CVE-2010-0989

Directory traversal vulnerability in delete.php in Pulse CMS before 1.2.3 allows remote authenticated users to delete arbitrary files via directory traversal sequences in the f parameter.

Published: Mar 26, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-0989
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5.5
AV:N/AC:L/Au:S/C:P/I:P/A:N

CWEs:

CWE-22

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
pulsecms / pulse_cms	1.2.1	1.2.1.x
pulsecms / pulse_cms	-	1.2.2.x
pulsecms / pulse_cms	1.18	1.18.x
pulsecms / pulse_cms	1.15	1.15.x
pulsecms / pulse_cms	1.0	1.0.x
pulsecms / pulse_cms	1.16	1.16.x
pulsecms / pulse_cms	1.1	1.1.x
pulsecms / pulse_cms	1.17	1.17.x
pulsecms / pulse_cms	1.01	1.01.x
pulsecms / pulse_cms	1.2	1.2.x