CVE-2009-4264

2009-12-1016:00:00

mitre

www.cve.org

AI Score

7.5

Confidence

High

EPSS

0.01

Percentile

84.1%

JSON

PHP remote file inclusion vulnerability in components/core/connect.php in AROUNDMe 1.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the language_path parameter.

References

secunia.com/advisories/37567

www.exploit-db.com/exploits/10329