Lucene search

[email protected]CVE-2009-4750

HistoryMar 26, 2010 - 8:30 p.m.

CVE-2009-4750

2010-03-2620:30:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2009-4750

php

remote file inclusion

top paidmailer

arbitrary code execution

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.7%

JSON

PHP remote file inclusion vulnerability in home.php in Top Paidmailer allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.

Affected configurations

NVD

Node

phppowertop_paidmailer

CPENameOperatorVersion
phppower:top_paidmailerphppower top paidmailereq*

CPE	Name	Operator	Version
phppower:top_paidmailer	phppower top paidmailer	eq	*

References

secunia.com/advisories/35723

www.osvdb.org/55797

www.packetstormsecurity.org/0907-exploits/toppaidmailer-rfi.txt

exchange.xforce.ibmcloud.com/vulnerabilities/51661

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.7%

JSON

Related for CVE-2009-4750

prion1 nvd1 cvelist1