CVE-2009-2378

2009-07-0815:00:00

mitre

www.cve.org

7.5 High

AI Score

Confidence

High

0.014 Low

EPSS

Percentile

86.5%

JSON

PHP remote file inclusion vulnerability in formmailer.admin.inc.php in Jax FormMailer 3.0.0 allows remote attackers to execute arbitrary PHP code via a URL in the BASE_DIR[jax_formmailer] parameter.

References

www.exploit-db.com/exploits/9051

exchange.xforce.ibmcloud.com/vulnerabilities/51443