Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2263


Vulnerability Score 7.5 7.5
CVE Id CVE-2009-2263
Last Modified 30 Jun 2009 12:00:00
Published 30 Jun 2009 06:30:22
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Directory traversal vulnerability in index.php in Awesome PHP Mega File Manager 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.

Vulnerable Systems


  • Awesomephp Mega File Manager 1.0


MILW0RM - 9025

SECUNIA - 35545

Last Updated: 27 May 2016 10:50:50