CyberSec.Space Logo
Back to CVE Browser

CVE-2010-0934

HIGH
7.1
CVSS Severity Score
EPSS Score0.0220%
EPSS Percentile30.38th
PublishedMar 5, 2010
Last ModifiedApr 29, 2026

Vulnerability Description

The triggers functionality in Perforce Server 2008.1 allows remote authenticated users with super privileges to execute arbitrary operating-system commands by using a "p4 client" command in conjunction with the form-in trigger script.

Affected Platforms (CPE)

πŸ“¦
Perforce

Perforce Server

= 2008.1

References & Advisories

πŸ”— http://lists.immunitysec.com/pipermail/dailydave/2010-March/006063.html
πŸ”— http://www.securityfocus.com/bid/36261
πŸ”— http://lists.immunitysec.com/pipermail/dailydave/2010-March/006063.html
πŸ”— http://www.securityfocus.com/bid/36261

Related Vulnerabilities

CVE-2007-010010.0

The Perforce client does not restrict the set of files that it overwrites upon receiving a request from the server, which allows r...

CVE-2008-13387.8

The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (...

CVE-2021-216557.1

A cross-site request forgery (CSRF) vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attack...

CVE-2010-09336.8

Directory traversal vulnerability in Perforce Server 2008.1 allows remote authenticated users to create arbitrary files via a .. (...