CVE-2010-3606 Information

Description

Multiple directory traversal vulnerabilities in AGENTS/index.php in NetArt MEDIA Real Estate Portal 2.0 allow remote emote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) folder and (2) action parameters.

Reference

http://osvdb.org/68062 http://pridels-team.blogspot.com/2010/09/netartmedia-real-estate-portal-v20-xss.html http://secunia.com/advisories/41377 http://www.securityfocus.com/bid/43266 https://exchange.xforce.ibmcloud.com/vulnerabilities/61867