Lucene search
MitreCVE-2009-3492HistorySep 30, 2009 - 3:30 p.m.
CVE-2009-3492
2009-09-3015:30:00
CWE-94
mitre
web.nvd.nist.gov
25
cve-2009-3492
php
remote file inclusion
loggix project
vulnerability
execute arbitrary code
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.7
Confidence
Low
EPSS
0.014
Percentile
86.4%
Multiple PHP remote file inclusion vulnerabilities in Loggix Project 9.4.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the pathToIndex parameter to (1) Calendar.php, (2) Comment.php, (3) Rss.php and (4) Trackback.php in lib/Loggix/Module/; and (5) modules/downloads/lib/LM_Downloads.php.
Affected configurations
Node
gotdnsloggix_projectRange≤9.4.5
ORgotdnsloggix_projectMatch9.3.27
ORgotdnsloggix_projectMatch9.3.28
| Vendor | Product | Version | CPE |
|---|---|---|---|
| gotdns | loggix_project | * | cpe:2.3:a:gotdns:loggix_project:*:*:*:*:*:*:*:* |
| gotdns | loggix_project | 9.3.27 | cpe:2.3:a:gotdns:loggix_project:9.3.27:*:*:*:*:*:*:* |
| gotdns | loggix_project | 9.3.28 | cpe:2.3:a:gotdns:loggix_project:9.3.28:*:*:*:*:*:*:* |
Related
prion
prion
Remote file inclusion
2009-09-30 15:30:00
exploitdb
exploitdb
Loggix Project 9.4.5 - Multiple Remote File Inclusions
2009-09-21 00:00:00
nvd
nvd
CVE-2009-3492
2009-09-30 15:30:00
cvelist
cvelist
CVE-2009-3492
2009-09-30 15:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.7
Confidence
Low
EPSS
0.014
Percentile
86.4%
Related for CVE-2009-3492