CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-4224

Multiple PHP remote file inclusion vulnerabilities in SweetRice 0.5.4, 0.5.3, and earlier allow remote attackers to execute arbitrary PHP code via a URL in the root_dir parameter to (1) _plugin/subscriber/inc/post.php and (2) as/lib/news_modify.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.055

EPSS Ranking 89.7%

CVSS Severity

CVSS v2 Score 6.8

References

Products affected by CVE-2009-4224

Basic-Cms » Sweetrice » Version: Any

cpe:2.3:a:basic-cms:sweetrice:*
Basic-Cms » Sweetrice » Version: 0.2.0

cpe:2.3:a:basic-cms:sweetrice:0.2.0
Basic-Cms » Sweetrice » Version: 0.2.1

cpe:2.3:a:basic-cms:sweetrice:0.2.1
Basic-Cms » Sweetrice » Version: 0.3.0

cpe:2.3:a:basic-cms:sweetrice:0.3.0
Basic-Cms » Sweetrice » Version: 0.3.1

cpe:2.3:a:basic-cms:sweetrice:0.3.1
Basic-Cms » Sweetrice » Version: 0.4.0

cpe:2.3:a:basic-cms:sweetrice:0.4.0
Basic-Cms » Sweetrice » Version: 0.4.1

cpe:2.3:a:basic-cms:sweetrice:0.4.1
Basic-Cms » Sweetrice » Version: 0.4.2

cpe:2.3:a:basic-cms:sweetrice:0.4.2
Basic-Cms » Sweetrice » Version: 0.4.4

cpe:2.3:a:basic-cms:sweetrice:0.4.4
Basic-Cms » Sweetrice » Version: 0.5.0

cpe:2.3:a:basic-cms:sweetrice:0.5.0
Basic-Cms » Sweetrice » Version: 0.5.1

cpe:2.3:a:basic-cms:sweetrice:0.5.1
Basic-Cms » Sweetrice » Version: 0.5.2

cpe:2.3:a:basic-cms:sweetrice:0.5.2
Basic-Cms » Sweetrice » Version: 0.5.3

cpe:2.3:a:basic-cms:sweetrice:0.5.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-4224

Products

Pricing

Contact Us