CVE-2012-10034 – “ClanSphere File Inclusion Vulnerability”

August 5, 2025

CVE ID : CVE-2012-10034

Published : Aug. 5, 2025, 8:15 p.m. | 3 hours, 10 minutes ago

Description : ClanSphere 2011.3 is vulnerable to a local file inclusion (LFI) flaw due to improper handling of the cs_lang cookie parameter. The application fails to sanitize user-supplied input, allowing attackers to traverse directories and read arbitrary files outside the web root. The vulnerability is further exacerbated by null byte injection (%00) to bypass file extension checks.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2012-10035 – Turbo FTP Server Buffer Overflow Vulnerability

Next Article CVE-2012-10029 – Nagios XI Command Injection Vulnerability

The Power Of The Intl API: A Definitive Guide To Browser-Native Internationalization

This week in AI dev tools: GPT-5, Claude Opus 4.1, and more (August 8, 2025)

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

3 portable power stations I travel everywhere with (and how they differ)

I tried Lenovo’s new rollable ThinkBook and can’t go back to regular-sized screens

The Creators of the Acclaimed Silent Hill 2 Remake Present a Deep Dive Into the Story of Their Newest Horror Game IP — and It’s So Bizarre and Insane That It’s Convinced Me To Put It on My Wishlist

Forget Back to School Deals — Lenovo’s Clearance Sale is Where You’ll Find Amazing Discounts on Laptops, Mini PCs, and More, While Supplies Last

spatie/laravel-flare

spatie/laravel-flare

Establishing Consistent Data Foundations with Laravel’s Database Population System

Generate Postman Collections from Laravel Routes

The Creators of the Acclaimed Silent Hill 2 Remake Present a Deep Dive Into the Story of Their Newest Horror Game IP — and It’s So Bizarre and Insane That It’s Convinced Me To Put It on My Wishlist

The Creators of the Acclaimed Silent Hill 2 Remake Present a Deep Dive Into the Story of Their Newest Horror Game IP — and It’s So Bizarre and Insane That It’s Convinced Me To Put It on My Wishlist

Forget Back to School Deals — Lenovo’s Clearance Sale is Where You’ll Find Amazing Discounts on Laptops, Mini PCs, and More, While Supplies Last

The Gaming Desktop I’ve Relied on More Than Any Other Is More Powerful and Sleeker Than Ever — But Damn, It’s Expensive

CVE-2012-10034 – “ClanSphere File Inclusion Vulnerability”

Android adware: What is it, and how do I get it off my device?

Black Hat USA 2025: Is a high cyber insurance premium about your risk, or your insurer’s?

CVE-2025-49029 – Bitto Kazi Custom Login And Signup Widget Code Injection Vulnerability

CVE-2025-5272 – Firefox Memory Corruption Vulnerability

CVE-2025-4180 – PCMan FTP Server Buffer Overflow Vulnerability

CVE-2025-7122 – Campcodes Complaint Management System SQL Injection Vulnerability

CVE-2024-51981 – Apache SOAP SSRF/HTTP Request Smuggling

Google patches actively exploited Chrome (CVE‑2025‑6554)

CVE-2025-40596 – SMA100 Series Web Interface Stack-based Buffer Overflow Vulnerability

This is Microsoft’s canceled Windows-based Surface Duo — the dual-screen Windows Phone from 2018 that we never got

CVE-2012-10034 – “ClanSphere File Inclusion Vulnerability”

Related Posts