CVE-2010-1077: Path Traversal
First published: Tue Mar 23 2010(Updated: )
Directory traversal vulnerability in vbseo.php in Crawlability vBSEO plugin 3.1.0 for vBulletin allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the vbseourl parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Vbseo | =3.1.0 | |
| vBulletin | ||
| All of | ||
| Vbseo | =3.1.0 | |
| vBulletin |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2010-1077?
CVE-2010-1077 is classified as a medium severity vulnerability due to its potential for local file inclusion and code execution.
How do I fix CVE-2010-1077?
To fix CVE-2010-1077, update the vBSEO plugin to a version that addresses this directory traversal issue.
What software is affected by CVE-2010-1077?
CVE-2010-1077 specifically affects the vBSEO plugin version 3.1.0 for vBulletin.
Can CVE-2010-1077 be exploited remotely?
Yes, CVE-2010-1077 can be exploited remotely by attackers to include and execute arbitrary files.
What type of vulnerability is CVE-2010-1077?
CVE-2010-1077 is a directory traversal vulnerability that allows unauthorized access to local files.
- collector/nvd-historical
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/vbseo
- canonical/vbseo
- version/vbseo/3.1.0
- vendor/vbulletin
- canonical/vbulletin