CVE-2010-1652
HelpCenterLive 2.0.6 and 2.1.7 - Path Traversal via File Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2010-1652. PoCs published by 41.w4r10r.
AI-analyzed exploit summary This exploit demonstrates a Local File Inclusion (LFI) vulnerability in Help Center Live 2.0.6 via the 'file' parameter in module.php. The PoC shows how to read arbitrary files (e.g., /etc/passwd) using directory traversal sequences.
Description
Directory traversal vulnerability in the HelpCenter module in Help Center Live (HCL) 2.0.6 and 2.1.7 allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the file parameter to module.php. NOTE: some of these details are obtained from third party information.
Exploits (1)
This exploit demonstrates a Local File Inclusion (LFI) vulnerability in Help Center Live 2.0.6 via the 'file' parameter in module.php. The PoC shows how to read arbitrary files (e.g., /etc/passwd) using directory traversal sequences.