CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-1462

The Security Manager in razorCMS before 0.4 does not verify the permissions of every file owned by the apache user account, which is inconsistent with the documentation and allows local users to have an unspecified impact.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 13.6%

CVSS Severity

CVSS v2 Score 7.2

References

http://marc.info/?l=full-disclosure&m=123990481506680&w=2
http://marc.info/?l=full-disclosure&m=123998062108561&w=2
http://razorcms.co.uk/support/viewtopic.php?f=13&t=325
http://www.securityfocus.com/bid/34566
https://exchange.xforce.ibmcloud.com/vulnerabilities/50358
http://marc.info/?l=full-disclosure&m=123990481506680&w=2
http://marc.info/?l=full-disclosure&m=123998062108561&w=2
http://razorcms.co.uk/support/viewtopic.php?f=13&t=325
http://www.securityfocus.com/bid/34566
https://exchange.xforce.ibmcloud.com/vulnerabilities/50358

Products affected by CVE-2009-1462

Razorcms » Razorcms » Version: 0.2

cpe:2.3:a:razorcms:razorcms:0.2
Razorcms » Razorcms » Version: 0.3

cpe:2.3:a:razorcms:razorcms:0.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-1462

Products

Pricing

Contact Us