Lucene search
HistoryApr 02, 2009 - 3:30 p.m.
CVE-2009-1230
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.8
Confidence
Low
EPSS
0.002
Percentile
54.2%
Static code injection vulnerability in index.php in Podcast Generator 1.1 and earlier allows remote authenticated administrators to inject arbitrary PHP code into config.php via the recent parameter in a config change action.
Affected configurations
Node
podcast_generatorpodcast_generatorRange≤1.1
ORpodcast_generatorpodcast_generatorMatch0.6
ORpodcast_generatorpodcast_generatorMatch0.8
ORpodcast_generatorpodcast_generatorMatch0.9
ORpodcast_generatorpodcast_generatorMatch0.81
ORpodcast_generatorpodcast_generatorMatch0.91
ORpodcast_generatorpodcast_generatorMatch0.92
ORpodcast_generatorpodcast_generatorMatch0.93
ORpodcast_generatorpodcast_generatorMatch0.94
ORpodcast_generatorpodcast_generatorMatch0.95
ORpodcast_generatorpodcast_generatorMatch0.96
ORpodcast_generatorpodcast_generatorMatch0.96.2
ORpodcast_generatorpodcast_generatorMatch1.0
ORpodcast_generatorpodcast_generatorMatch1.0beta_2
ORpodcast_generatorpodcast_generatorMatch1.0_beta
ORpodcast_generatorpodcast_generatorMatch1.0_beta2
ORpodcast_generatorpodcast_generatorMatch1.0_beta3
ORpodcast_generatorpodcast_generatorMatch1.0_beta4
ORpodcast_generatorpodcast_generatorMatch1.0_beta4a
| Vendor | Product | Version | CPE |
|---|---|---|---|
| podcast_generator | podcast_generator | * | cpe:2.3:a:podcast_generator:podcast_generator:*:*:*:*:*:*:*:* |
| podcast_generator | podcast_generator | 0.6 | cpe:2.3:a:podcast_generator:podcast_generator:0.6:*:*:*:*:*:*:* |
| podcast_generator | podcast_generator | 0.8 | cpe:2.3:a:podcast_generator:podcast_generator:0.8:*:*:*:*:*:*:* |
| podcast_generator | podcast_generator | 0.9 | cpe:2.3:a:podcast_generator:podcast_generator:0.9:*:*:*:*:*:*:* |
| podcast_generator | podcast_generator | 0.81 | cpe:2.3:a:podcast_generator:podcast_generator:0.81:*:*:*:*:*:*:* |
| podcast_generator | podcast_generator | 0.91 | cpe:2.3:a:podcast_generator:podcast_generator:0.91:*:*:*:*:*:*:* |
| podcast_generator | podcast_generator | 0.92 | cpe:2.3:a:podcast_generator:podcast_generator:0.92:*:*:*:*:*:*:* |
| podcast_generator | podcast_generator | 0.93 | cpe:2.3:a:podcast_generator:podcast_generator:0.93:*:*:*:*:*:*:* |
| podcast_generator | podcast_generator | 0.94 | cpe:2.3:a:podcast_generator:podcast_generator:0.94:*:*:*:*:*:*:* |
| podcast_generator | podcast_generator | 0.95 | cpe:2.3:a:podcast_generator:podcast_generator:0.95:*:*:*:*:*:*:* |
References
Related
openvas
openvas
Podcast Generator <= 1.1 Arbitrary File Deletion Vulnerability
2009-04-16 00:00:00
prion
prion
Code injection
2009-04-02 15:30:00
cve
cve
CVE-2009-1230
2009-04-02 15:30:00
cvelist
cvelist
CVE-2009-1230
2009-04-02 15:00:00
exploitdb
exploitdb
Podcast Generator 1.1 - Remote Code Execution
2009-03-31 00:00:00
seebug
seebug
Podcast Generator多个模块文件包含和任意文件删除漏洞
2009-06-06 00:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.8
Confidence
Low
EPSS
0.002
Percentile
54.2%
Related for NVD:CVE-2009-1230