CVE-2009-1230 - CERT CVE

  1. CVE-2009-1230

ID CVE-2009-1230
Sažetak Static code injection vulnerability in index.php in Podcast Generator 1.1 and earlier allows remote authenticated administrators to inject arbitrary PHP code into config.php via the recent parameter in a config change action.
Reference
CVSS
Base: 6.5
Impact: 6.4
Exploitability:8.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW SINGLE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:N/AC:L/Au:S/C:P/I:P/A:P
Zadnje važnije ažuriranje 29-09-2017 - 01:34
Objavljeno 02-04-2009 - 15:30