Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2009-2332

Published: 05/07/2009 Updated: 19/09/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

CMS Chainuk 1.2 and previous versions allows remote malicious users to obtain sensitive information via (1) a crafted id parameter to index.php or (2) a nonexistent folder name in the id parameter to admin/admin_delete.php, which reveals the installation path in an error message.

Vulnerable Product Search on Vulmon Subscribe to Product

cms.tut.su cms chainuk

Exploits

Exploit DB: CMS chainuk 1.2 - Multiple Vulnerabilities
CMS Chainuk <= v12 Vulns Home: Cmstutsu Dork: "Cmstutsu, 2009 g" eLwaux(c) 14062 ## ## ## ## ## ## LFI /indexphp --------------------------------------------------------------------------- 6: if (isset($_GET ['id'])) 7: { 8: [color=white]$id = $_GET ['id'];[/color] 9: } 10: else 11: { 12: $id = $index; 13: } 14: if (f ...

References

CWE-200http://osvdb.org/55670http://osvdb.org/55671http://www.exploit-db.com/exploits/9069https://nvd.nist.govhttps://www.exploit-db.com/exploits/9069/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316SQL injectiontype confusionCVE-2024-20697CVE-2024-4344localCVE-2024-30043CVE-2024-3821CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook