Lucene search
MitreCVE-2009-4431HistoryDec 28, 2009 - 7:00 p.m.
CVE-2009-4431
2009-12-2819:00:00
CWE-94
mitre
web.nvd.nist.gov
23
cve-2009-4431
php
remote file inclusion
cal_popup.php
jcal pro
com_jcalpro
jcp
joomla
arbitrary code execution
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.6
Confidence
High
EPSS
0.01
Percentile
84.2%
PHP remote file inclusion vulnerability in cal_popup.php in the Anything Digital Development JCal Pro (aka com_jcalpro or JCP) component 1.5.3.6 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Affected configurations
Node
joomlajoomla\!
anything-digitalcom_jcalproMatch1.5.3.6
| Vendor | Product | Version | CPE |
|---|---|---|---|
| joomla | joomla\! | * | cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:* |
| anything-digital | com_jcalpro | 1.5.3.6 | cpe:2.3:a:anything-digital:com_jcalpro:1.5.3.6:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
Joomla! Component com_jcalpro 1.5.3.6 - Remote File Inclusion
2009-12-13 00:00:00
cvelist
cvelist
CVE-2009-4431
2009-12-28 18:27:00
prion
prion
Remote file inclusion
2009-12-28 19:00:00
nvd
nvd
CVE-2009-4431
2009-12-28 19:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.6
Confidence
High
EPSS
0.01
Percentile
84.2%
Related for CVE-2009-4431