Strix
26.1K

CVE-2010-1916

UnknownEPSS 3.26%

Last modified

CVE-2010-1916 is a vulnerability of currently unknown severity. The dynamic configuration feature in Xinha WYSIWYG editor 0.96 Beta 2 and earlier, as used in Serendipity 1.5.2 and earlier, allows remote attackers to bypass intended access restrictions and modify the configuration of arbitrary plugins via (1) crafted backend_config_secret_key_location and backend_config_hash parameters that are used in a SHA1 hash of a shared secret that can be known or externally influenced, which are not properly handled by the "Deprecated config passing" feature; or (2) crafted backend_data and backend_data[key_location] variables, which are not properly handled by the xinha_read_passed_data function. NOTE: this can be leveraged to upload and possibly execute arbitrary files via config.inc.php in the ImageManager plugin.. EPSS estimates a 3.26% chance of exploitation in the next 30 days.

Description

The dynamic configuration feature in Xinha WYSIWYG editor 0.96 Beta 2 and earlier, as used in Serendipity 1.5.2 and earlier, allows remote attackers to bypass intended access restrictions and modify the configuration of arbitrary plugins via (1) crafted backend_config_secret_key_location and backend_config_hash parameters that are used in a SHA1 hash of a shared secret that can be known or externally influenced, which are not properly handled by the "Deprecated config passing" feature; or (2) crafted backend_data and backend_data[key_location] variables, which are not properly handled by the xinha_read_passed_data function. NOTE: this can be leveraged to upload and possibly execute arbitrary files via config.inc.php in the ImageManager plugin.

Metrics

EPSS Probability
3.26%

86.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersionsUpdate
XinhaWysiwyg Editor0.9Beta
XinhaWysiwyg Editor0.91Beta
XinhaWysiwyg Editor0.92Beta
XinhaWysiwyg Editor0.93
XinhaWysiwyg Editor0.94
XinhaWysiwyg Editor0.95
XinhaWysiwyg Editor0.96Beta
S9ySerendipity0.3
S9ySerendipity0.4
S9ySerendipity0.5Pl1
S9ySerendipity0.6Pl3
S9ySerendipity0.7
S9ySerendipity0.7.1
S9ySerendipity0.8
S9ySerendipity0.8.1
S9ySerendipity0.8.2
S9ySerendipity0.8.3
S9ySerendipity0.8.4
S9ySerendipity0.8.5
S9ySerendipity0.9
S9ySerendipity0.9.1
S9ySerendipity1.0
S9ySerendipity1.0.1
S9ySerendipity1.0.2
S9ySerendipity1.0.3
S9ySerendipity1.0.4
S9ySerendipity1.1
S9ySerendipity1.1.1
S9ySerendipity1.1.2
S9ySerendipity1.1.3
S9ySerendipity1.1.4
S9ySerendipity1.2
S9ySerendipity1.2.1
S9ySerendipity1.3
S9ySerendipity1.3.1
S9ySerendipity1.4
S9ySerendipity1.4.1
S9ySerendipity1.5
S9ySerendipity1.5.1
S9ySerendipity1.5.2

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2010-1916?
The dynamic configuration feature in Xinha WYSIWYG editor 0.96 Beta 2 and earlier, as used in Serendipity 1.5.2 and earlier, allows remote attackers to bypass intended access restrictions and modify the configuration of arbitrary plugins via (1) crafted backend_config_secret_key_location and backend_config_hash parameters that are used in a SHA1 hash of a shared secret that can be known or externally influenced, which are not properly handled by the "Deprecated config passing" feature; or (2) crafted backend_data and backend_data[key_location] variables, which are not properly handled by the xinha_read_passed_data function. NOTE: this can be leveraged to upload and possibly execute arbitrary files via config.inc.php in the ImageManager plugin.
How severe is CVE-2010-1916?
Severity scoring for CVE-2010-1916 is pending analysis. The EPSS model estimates a 3.26% probability of exploitation in the next 30 days.
How do I fix CVE-2010-1916?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2010-1916?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST