Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2009-0643
HistoryFeb 20, 2009 - 6:47 a.m.

CVE-2009-0643

2009-02-2006:47:48
CWE-94
[email protected]
web.nvd.nist.gov
21
cve-2009-0643
static code injection
post.php
simple php news
vulnerability
remote attackers
arbitrary php code
news.txt
post parameter

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.013 Low

EPSS

Percentile

85.7%

JSON

Static code injection vulnerability in post.php in Simple PHP News 1.0 final allows remote attackers to inject arbitrary PHP code into news.txt via the post parameter, and then execute the code via a direct request to display.php. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD
Node
dminnichsimple_php_newsMatch1.0

Related

cvelist 1
nvd 1
prion 1
cvelist
cvelist
CVE-2009-0643
2009-02-18 17:00:00
nvd
nvd
CVE-2009-0643
2009-02-20 06:47:48
prion
prion
Code injection
2009-02-20 06:47:00

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.013 Low

EPSS

Percentile

85.7%

JSON
Related for CVE-2009-0643
cvelist1nvd1prion1