CVE-2010-2126

Name: CVE-2010-2126
Creator: NVD / NIST
Published: 2010-06-01T21:30:01.21+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 8.29%

Last modified Jun 16, 2026

CVE-2010-2126 is a vulnerability of currently unknown severity. Multiple PHP remote file inclusion vulnerabilities in Snipe Gallery 3.1.5 allow remote attackers to execute arbitrary PHP code via a URL in the cfg_admin_path parameter to (1) index.php, (2) view.php, (3) image.php, (4) search.php, (5) admin/index.php, (6) admin/gallery/index.php, (7) admin/gallery/view.php, (8) admin/gallery/gallery.php, (9) admin/gallery/image.php, and (10) admin/gallery/crop.php.. EPSS estimates a 8.29% chance of exploitation in the next 30 days.

Description

Multiple PHP remote file inclusion vulnerabilities in Snipe Gallery 3.1.5 allow remote attackers to execute arbitrary PHP code via a URL in the cfg_admin_path parameter to (1) index.php, (2) view.php, (3) image.php, (4) search.php, (5) admin/index.php, (6) admin/gallery/index.php, (7) admin/gallery/view.php, (8) admin/gallery/gallery.php, (9) admin/gallery/image.php, and (10) admin/gallery/crop.php.

Metrics

EPSS Probability

8.29%

94.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-94

Affected Software

Vendor	Product	Versions
Snipegallery	Snipe Gallery	3.1.5

References

Timeline

Published: Jun 1, 2010
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2010-2126?

How severe is CVE-2010-2126?

Severity scoring for CVE-2010-2126 is pending analysis. The EPSS model estimates a 8.29% probability of exploitation in the next 30 days.

How do I fix CVE-2010-2126?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2010-2126?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST