CVE-2010-0613

ARWScripts Fonts Script - Path Traversal via Base64-Encoded f Parameter

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in viewfile.php in ARWScripts Fonts Script allows remote attackers to read arbitrary local files via directory traversal sequences in a base64-encoded f parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

References (2)

Core 2
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/38518
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/38709

Scores

EPSS 0.0154
EPSS Percentile 72.0%

Details

CWE
CWE-22
Status published
Products (1)
arwscripts/fonts_script
Published Feb 11, 2010
Tracked Since Feb 18, 2026