CVE-2010-1272

Gnat-TGP <1.2.20 - RCE

Title source: llm
STIX 2.1

Description

PHP remote file inclusion vulnerability in includes/tgpinc.php in Gnat-TGP 1.2.20 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.

Exploits (1)

exploitdb WRITEUP
by cr4wl3r · textwebappsphp
https://www.exploit-db.com/exploits/11621

References (4)

Core 4
Core References
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/11621
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/38522
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/56675
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.org/1003-exploits/gnattgp-rfi.txt

Scores

EPSS 0.0107
EPSS Percentile 77.8%

Details

CWE
CWE-94
Status published
Products (1)
komputer.boo/gnat-tgp < 1.2.20
Published Apr 06, 2010
Tracked Since Feb 18, 2026