CVE-2009-1936

CVSS 9.8 CRITICALEPSS 42.2%CWE-22

Vexday Risk Score

60Attention

SSVC decision (CISA)

Attend

PoC available → attend closely

CVSS 9.8EPSS 42.2%KEV nãoPoC públicaNuclei —Metasploit —Patch —

Lifecycle

05 Jun 2009Published on NVD

Recommendation: Plan a near-term fix — a public PoC already exists.

_functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a redirect but does not exit when it is called directly, which allows remote attackers to bypass a protection mechanism to conduct remote file inclusion and directory traversal attacks, execute arbitrary PHP code, or read arbitrary files via the GLOBALS[prefix] parameter, a different vector than CVE-2003-1500.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

n/a · n/a

public PoCs found — 1

cve_referencewww.exploit-db.com/exploits/8790unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://secunia.com/advisories/35245 https://www.exploit-db.com/exploits/8790 http://www.securityfocus.com/bid/35103