QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2009-2331

Back to search

CVE-2009-2331

Published: Jul 5, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple static code injection vulnerabilities in CMS Chainuk 1.2 and earlier allow remote attackers to inject arbitrary PHP code (1) into settings.php via the menu parameter to admin_settings.php or (2) into a content/=NUMBER.php file via the title parameter to admin_new.php.

VendorProductVersions

n/a

n/a

affected
n/a

References

9069
exploit
x_refsource_EXPLOIT-DB
55672
vdb-entry
x_refsource_OSVDB
55673
vdb-entry
x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now