Vulnerability Details CVE-2009-4156
PHP remote file inclusion vulnerability in modules/pms/index.php in Ciamos CMS 0.9.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the module_path parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.4%
CVSS Severity
CVSS v2 Score 7.5
References
Products affected by CVE-2009-4156
-
cpe:2.3:a:ciamos:ciamos_cms:*
-
cpe:2.3:a:ciamos:ciamos_cms:0.9
-
cpe:2.3:a:ciamos:ciamos_cms:0.9.2