Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1463

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2009-1463
Last Modified 13 May 2009 01:27:59
Published 28 Apr 2009 12:30:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-1463

Summary

Static code injection vulnerability in razorCMS before 0.4 allows remote attackers to inject arbitrary PHP code into any page by saving content as a .php file.

Vulnerable Systems

Application

  • Razorcms 0.2

  • Razorcms 0.3


References

XF - razorcms-phpfile-code-execution(50359)

BID - 34566

CONFIRM - http://razorcms.co.uk/support/viewtopic.php?f=13&t=325

FULLDISC - 20090416 [follow-up] razorCMS - Multiple Vulnerabilities

FULLDISC - 20090416 razorCMS - Multiple Vulnerabilities


Last Updated: 27 May 2016 10:50:34