CVE-2010-1946 in openRegistreCIL
Summary
by MITRE
Multiple PHP remote file inclusion vulnerabilities in openMairie Openregistrecil 1.02, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the path_om parameter to (1) autorisation_normale.class.php, (2) collectivite.class.php, (3) dossier.class.php, (4) norme_simplifiee.class.php, (5) registre.class.php, (6) autorisation_unique.class.php, (7) demande_avis.class.php, (8) droit.class.php, (9) organisme.class.php, (10) service.class.php, (11) categorie_donnee.class.php, (12) destinataire.class.php, (13) profil.class.php, (14) tabdyn_visu.class.php, (15) categorie_personne.class.php, (16) dispense.class.php, (17) modificatif.class.php, (18) reference.class.php, and (19) utilisateur.class.php in obj/.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Analysis
by VulDB Data Team • 10/22/2025
The vulnerability described in CVE-2010-1946 represents a critical remote file inclusion flaw affecting openMairie Openregistrecil version 1.02. This issue stems from improper input validation and sanitization within the application's object handling mechanisms, specifically in the obj/ directory where multiple class files are susceptible to malicious input manipulation. The vulnerability is particularly dangerous because it leverages the dangerous PHP configuration setting register_globals=on, which automatically creates global variables from HTTP request parameters, fundamentally undermining the application's security model and creating an attack surface that allows remote code execution through crafted URLs.
The technical exploitation of this vulnerability occurs through manipulation of the path_om parameter within the affected PHP files, which are part of the application's core object-oriented architecture. When register_globals is enabled, user-supplied URL parameters become automatically available as global variables, eliminating the need for explicit variable assignment and bypassing normal input validation checks. Attackers can construct malicious URLs containing PHP code within the path_om parameter, which then gets included and executed by the vulnerable application, effectively allowing remote code execution on the target server. This flaw maps directly to CWE-88, which describes improper neutralization of special elements used in an expression, and specifically relates to CWE-94, which addresses the execution of arbitrary code or commands.
The operational impact of this vulnerability is severe and far-reaching, as it provides attackers with complete control over the affected server environment. Successful exploitation enables attackers to execute arbitrary commands, upload malicious files, establish backdoors, and potentially escalate privileges to gain administrative access to the entire application infrastructure. The vulnerability affects a broad range of application functionality since it spans across multiple class files within the obj/ directory, meaning that any of the listed files can serve as attack vectors for remote code execution. This widespread impact makes the vulnerability particularly dangerous for organizations relying on openMairie Openregistrecil, as a single exploit can compromise the entire system rather than just one specific component.
Organizations affected by this vulnerability should immediately implement multiple layers of mitigation strategies to protect their systems. The most critical immediate action is to disable the register_globals configuration setting in the PHP environment, which fundamentally eliminates the attack vector by preventing automatic creation of global variables from HTTP request parameters. Additionally, input validation and sanitization should be implemented at all entry points, with strict parameter validation to ensure that only expected and safe values are accepted. The application should also be updated to a patched version that properly handles user input and implements secure file inclusion practices. From an ATT&CK framework perspective, this vulnerability aligns with T1190, which describes exploit for execution, and T1059, which covers command and scripting interpreter. Organizations should also consider implementing network-based intrusion detection systems to monitor for exploitation attempts and ensure proper access controls are in place to limit the potential damage from successful attacks.