CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-0530

Multiple PHP remote file inclusion vulnerabilities in SnippetMaster 2.2.2, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) _SESSION[SCRIPT_PATH] parameter to includes/vars.inc.php and the (2) g_pcltar_lib_dir parameter to includes/tar_lib/pcltar.lib.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 77.1%

CVSS Severity

CVSS v2 Score 6.8

References

http://secunia.com/advisories/33865
http://www.securityfocus.com/bid/33705
https://www.exploit-db.com/exploits/8017
http://secunia.com/advisories/33865
http://www.securityfocus.com/bid/33705
https://www.exploit-db.com/exploits/8017

Products affected by CVE-2009-0530

Electrictoad » Snippetmaster Webpage Editor » Version: 2.2.2

cpe:2.3:a:electrictoad:snippetmaster_webpage_editor:2.2.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-0530

Products

Pricing

Contact Us