CVE-2009-4319

PHP remote file inclusion vulnerability in js/bbcodepress/bbcode-form.php in eoCMS 0.9.03 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the BBCODE_path parameter.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:eocms:eocms:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2009-12-14 21:17

Updated : 2024-02-28 11:21


NVD link : CVE-2009-4319

Mitre link : CVE-2009-4319

CVE.ORG link : CVE-2009-4319


JSON object : View

Products Affected

eocms

  • eocms
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')