CVE-2010-1055

osDate <2.5.4 - RCE

Title source: llm

Description

Multiple PHP remote file inclusion vulnerabilities in osDate 2.1.9 and 2.5.4, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the config[forum_installed] parameter to (1) forum/adminLogin.php and (2) forum/userLogin.php. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by NoGe · textwebappsphp

https://www.exploit-db.com/exploits/11755

View Code ZIP pw:eip

References (7)

[Exploit] http://evilc0de.blogspot.com/2010/03/osdate-rfi-vuln.html

[Vendor Advisory] http://secunia.com/advisories/38943

[Exploit] http://www.exploit-db.com/exploits/11755

[Exploit] http://www.securityfocus.com/bid/38738

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/56909

[Third Party Advisory, VDB Entry] http://osvdb.org/63005

[Third Party Advisory, VDB Entry] http://osvdb.org/63006

Scores

EPSS 0.0361

EPSS Percentile 87.6%

Classification

CWE

CWE-94

Status draft

Affected Products (2)

tufat/osdate

tufat/osdate

Timeline

Published Mar 23, 2010

Tracked Since Feb 18, 2026