CVE-2009-4319

2009-12-1421:00:00

mitre

www.cve.org

7.5 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.3%

JSON

PHP remote file inclusion vulnerability in js/bbcodepress/bbcode-form.php in eoCMS 0.9.03 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the BBCODE_path parameter.

References

secunia.com/advisories/37749

www.exploit-db.com/exploits/10422