Lucene search

[email protected]CVE-2009-0464

HistoryFeb 10, 2009 - 7:00 a.m.

CVE-2009-0464

2009-02-1007:00:24

CWE-94

[email protected]

web.nvd.nist.gov

cve

2009

0464

php

remote

file inclusion

vulnerability

groone gbook 2.0

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.055 Low

EPSS

Percentile

93.2%

JSON

PHP remote file inclusion vulnerability in includes/header.php in Groone GBook 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter.

Affected configurations

NVD

Node

groonesworldgbookMatch2.0

CPENameOperatorVersion
groonesworld:gbookgroonesworld gbookeq2.0

CPE	Name	Operator	Version
groonesworld:gbook	groonesworld gbook	eq	2.0

References

osvdb.org/51716

secunia.com/advisories/33768

www.securityfocus.com/bid/33578

www.exploit-db.com/exploits/7955

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.055 Low

EPSS

Percentile

93.2%

JSON

Related for CVE-2009-0464

cvelist1 nvd1 prion1