CVE-2009-1226

2009-04-0215:00:00

mitre

www.cve.org

AI Score

6.8

Confidence

Low

EPSS

0.005

Percentile

77.5%

JSON

core/admin/delete.php in Podcast Generator 1.1 and earlier does not properly restrict access to administrative functions, which allows remote attackers to delete arbitrary files via the file parameter.

References

secunia.com/advisories/34555

www.securityfocus.com/bid/34317

www.exploit-db.com/exploits/8324