Lucene search
MitreCVE-2009-4693HistoryMar 10, 2010 - 10:30 p.m.
CVE-2009-4693
2010-03-1022:30:00
CWE-94
mitre
web.nvd.nist.gov
28
cve
2009
4693
php
remote file inclusion
vulnerabilities
grafx minicwb
arbitrary code execution
url
lang parameter
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.015
Percentile
87.0%
Multiple PHP remote file inclusion vulnerabilities in GraFX MiniCWB 2.3.0 allow remote attackers to execute arbitrary PHP code via a URL in the LANG parameter to (1) en.inc.php, (2) hu.inc.php, (3) no.inc.php, (4) ro.inc.php, and (5) ru.inc.php in language/.
Affected configurations
Node
grafxsoftwareminicwbMatch2.3.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| grafxsoftware | minicwb | 2.3.0 | cpe:2.3:a:grafxsoftware:minicwb:2.3.0:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
MiniCWB 2.3.0 - 'lang' Remote File Inclusion
2009-07-20 00:00:00
prion
prion
Remote file inclusion
2010-03-10 22:30:00
nvd
nvd
CVE-2009-4693
2010-03-10 22:30:00
cvelist
cvelist
CVE-2009-4693
2010-03-10 22:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.015
Percentile
87.0%
Related for CVE-2009-4693