Bluevirus-design » Sma-db : Security Vulnerabilities, CVEs, Published In 2009 (File inclusion)
Multiple PHP remote file inclusion vulnerabilities in theme/format.php in SMA-DB 0.3.13 allow remote attackers to execute arbitrary PHP code via a URL in the (1) _page_css and (2) _page_javascript parameters. NOTE: the _page_content vector is already is covered by CVE-2009-1450.
Max CVSS
7.5
EPSS Score
2.25%
Published
2009-04-28
Updated
2017-09-29
PHP remote file inclusion vulnerability in format.php in SMA-DB 0.3.12 allows remote attackers to execute arbitrary PHP code via a URL in the _page_content parameter.
Max CVSS
7.5
EPSS Score
0.50%
Published
2009-04-28
Updated
2017-09-29
2 vulnerabilities found