Lucene search
MitreCVE-2009-1230HistoryApr 02, 2009 - 3:30 p.m.
CVE-2009-1230
2009-04-0215:30:00
CWE-94
mitre
web.nvd.nist.gov
27
code injection
security vulnerability
podcast generator
php
remote authentication
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.002
Percentile
54.2%
Static code injection vulnerability in index.php in Podcast Generator 1.1 and earlier allows remote authenticated administrators to inject arbitrary PHP code into config.php via the recent parameter in a config change action.
Affected configurations
Node
podcast_generatorpodcast_generatorRangeβ€1.1
ORpodcast_generatorpodcast_generatorMatch0.6
ORpodcast_generatorpodcast_generatorMatch0.8
ORpodcast_generatorpodcast_generatorMatch0.9
ORpodcast_generatorpodcast_generatorMatch0.81
ORpodcast_generatorpodcast_generatorMatch0.91
ORpodcast_generatorpodcast_generatorMatch0.92
ORpodcast_generatorpodcast_generatorMatch0.93
ORpodcast_generatorpodcast_generatorMatch0.94
ORpodcast_generatorpodcast_generatorMatch0.95
ORpodcast_generatorpodcast_generatorMatch0.96
ORpodcast_generatorpodcast_generatorMatch0.96.2
ORpodcast_generatorpodcast_generatorMatch1.0
ORpodcast_generatorpodcast_generatorMatch1.0beta_2
ORpodcast_generatorpodcast_generatorMatch1.0_beta
ORpodcast_generatorpodcast_generatorMatch1.0_beta2
ORpodcast_generatorpodcast_generatorMatch1.0_beta3
ORpodcast_generatorpodcast_generatorMatch1.0_beta4
ORpodcast_generatorpodcast_generatorMatch1.0_beta4a
| Vendor | Product | Version | CPE |
|---|---|---|---|
| podcast_generator | podcast_generator | * | cpe:2.3:a:podcast_generator:podcast_generator:*:*:*:*:*:*:*:* |
| podcast_generator | podcast_generator | 0.6 | cpe:2.3:a:podcast_generator:podcast_generator:0.6:*:*:*:*:*:*:* |
| podcast_generator | podcast_generator | 0.8 | cpe:2.3:a:podcast_generator:podcast_generator:0.8:*:*:*:*:*:*:* |
| podcast_generator | podcast_generator | 0.9 | cpe:2.3:a:podcast_generator:podcast_generator:0.9:*:*:*:*:*:*:* |
| podcast_generator | podcast_generator | 0.81 | cpe:2.3:a:podcast_generator:podcast_generator:0.81:*:*:*:*:*:*:* |
| podcast_generator | podcast_generator | 0.91 | cpe:2.3:a:podcast_generator:podcast_generator:0.91:*:*:*:*:*:*:* |
| podcast_generator | podcast_generator | 0.92 | cpe:2.3:a:podcast_generator:podcast_generator:0.92:*:*:*:*:*:*:* |
| podcast_generator | podcast_generator | 0.93 | cpe:2.3:a:podcast_generator:podcast_generator:0.93:*:*:*:*:*:*:* |
| podcast_generator | podcast_generator | 0.94 | cpe:2.3:a:podcast_generator:podcast_generator:0.94:*:*:*:*:*:*:* |
| podcast_generator | podcast_generator | 0.95 | cpe:2.3:a:podcast_generator:podcast_generator:0.95:*:*:*:*:*:*:* |
References
Related
openvas
openvas
Podcast Generator <= 1.1 Arbitrary File Deletion Vulnerability
2009-04-16 00:00:00
nvd
nvd
CVE-2009-1230
2009-04-02 15:30:00
prion
prion
Code injection
2009-04-02 15:30:00
cvelist
cvelist
CVE-2009-1230
2009-04-02 15:00:00
exploitdb
exploitdb
Podcast Generator 1.1 - Remote Code Execution
2009-03-31 00:00:00
seebug
seebug
Podcast Generatorε€δΈͺ樑εζδ»Άε
ε«εδ»»ζζδ»Άε ι€ζΌζ΄
2009-06-06 00:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.002
Percentile
54.2%
Related for CVE-2009-1230