Vulnerability Details CVE-2009-4082
PHP remote file inclusion vulnerability in forums/Forum_Include/index.php in Outreach Project Tool (OPT) 1.2.7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CRM_path parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.032
EPSS Ranking 86.6%
CVSS Severity
CVSS v2 Score 7.5
References
- http://osvdb.org/60464
- http://packetstormsecurity.org/0911-exploits/opt-rfi.txt
- http://secunia.com/advisories/37447
- http://www.exploit-db.com/exploits/10218
- http://www.securityfocus.com/bid/37090
- https://exchange.xforce.ibmcloud.com/vulnerabilities/54379
- http://osvdb.org/60464
- http://packetstormsecurity.org/0911-exploits/opt-rfi.txt
- http://secunia.com/advisories/37447
- http://www.exploit-db.com/exploits/10218
- http://www.securityfocus.com/bid/37090
- https://exchange.xforce.ibmcloud.com/vulnerabilities/54379
Products affected by CVE-2009-4082
-
cpe:2.3:a:lanifex:outreach_project_tool:*
-
cpe:2.3:a:lanifex:outreach_project_tool:0.933
-
cpe:2.3:a:lanifex:outreach_project_tool:0.934
-
cpe:2.3:a:lanifex:outreach_project_tool:0.935
-
cpe:2.3:a:lanifex:outreach_project_tool:0.936
-
cpe:2.3:a:lanifex:outreach_project_tool:0.937
-
cpe:2.3:a:lanifex:outreach_project_tool:0.938
-
cpe:2.3:a:lanifex:outreach_project_tool:0.939
-
cpe:2.3:a:lanifex:outreach_project_tool:0.94
-
cpe:2.3:a:lanifex:outreach_project_tool:0.941
-
cpe:2.3:a:lanifex:outreach_project_tool:0.942
-
cpe:2.3:a:lanifex:outreach_project_tool:0.943
-
cpe:2.3:a:lanifex:outreach_project_tool:0.944
-
cpe:2.3:a:lanifex:outreach_project_tool:0.945
-
cpe:2.3:a:lanifex:outreach_project_tool:0.946
-
cpe:2.3:a:lanifex:outreach_project_tool:0.947
-
cpe:2.3:a:lanifex:outreach_project_tool:0.948
-
cpe:2.3:a:lanifex:outreach_project_tool:1.2.6