CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-0595

PHP remote file inclusion vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the theme parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.031

EPSS Ranking 86.3%

CVSS Severity

CVSS v2 Score 5.1

References

http://secunia.com/advisories/33382
http://www.securityfocus.com/bid/33092
https://www.exploit-db.com/exploits/7648
http://secunia.com/advisories/33382
http://www.securityfocus.com/bid/33092
https://www.exploit-db.com/exploits/7648

Products affected by CVE-2009-0595

Phpskelsite » Phpskelsite » Version: 1.4

cpe:2.3:a:phpskelsite:phpskelsite:1.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-0595

Products

Pricing

Contact Us