What is CVE-2014-10037?

CVE-2014-10037 is a vulnerability in Domphp, classified under Path Traversal. Published 2015-01-13.

Is CVE-2014-10037 known to be exploited?

4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Path Traversal in Domphp

CVE-2014-10037

Directory traversal vulnerability in DomPHP 0.83 and earlier allows remote attackers to have unspecified impact via a .. (dot dot) in the url parameter to photoalbum/index.php.

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.654 (98.5th percentile) — read the EPSS interpretation.

Affected products

Domphp
N/a — versions n/a

Weakness classification (CWE)

CWE-22 — Path Traversal

Public proof-of-concept exploits

20142995/nuclei-templates
ARPSyndicate/cve-scores
ARPSyndicate/kenzer-templates
gnarkill78/CSA_

References

domphp-index-dir-traversal(90582) (vdb-entry, x_refsource_XF)
30865 (Exploit, exploit, x_refsource_EXPLOIT-DB)
102204 (x_refsource_OSVDB, vdb-entry)

Frequently asked questions

What is CVE-2014-10037?: CVE-2014-10037 is a vulnerability in Domphp, classified under Path Traversal. Published 2015-01-13.
Is CVE-2014-10037 known to be exploited?: 4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.