CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-1512

Static code injection vulnerability in X-Forum 0.6.2 allows remote authenticated administrators to inject arbitrary PHP code into Config.php via the adminEMail parameter to SaveConfig.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 75.6%

CVSS Severity

CVSS v2 Score 6.5

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/50390
https://www.exploit-db.com/exploits/8317
https://exchange.xforce.ibmcloud.com/vulnerabilities/50390
https://www.exploit-db.com/exploits/8317

Products affected by CVE-2009-1512

Keir Davis » X-Forum » Version: 0.6.2

cpe:2.3:a:keir_davis:x-forum:0.6.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-1512

Products

Pricing

Contact Us