Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2009-3664

Published: 11/10/2009 Updated: 10/10/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Nullam Blog

Vulnerability Summary

Multiple directory traversal vulnerabilities in index.php in Nullam Blog 0.1.2 allow remote malicious users to include or execute arbitrary files via a .. (dot dot) in the (1) p and (2) s parameters.

Vulnerable Product Search on Vulmon Subscribe to Product

nullam nullam blog 0.1.2

Exploits

Exploit DB: nullam blog 0.1.2 - Local File Inclusion / File Disclosure / SQL Injection / Cross-Site Scripting
-- Salvatore Fresta aka drosophila CWNP444351 ******** Salvatore "drosophila" Fresta ******** [+] Application: Nullam Blog [+] Version: 012 [+] Website: nullamnet/ [+] Bugs: [A] Local File Inclusion [B] File Disclosure [C] Multiple Blind SQL Injection [D] SQL Injection [E] Reflected XSS [+] Exploitation: Remote [+] Date: 10 Sep 2009 ...

References

CWE-22http://secunia.com/advisories/36648http://www.osvdb.org/57919https://exchange.xforce.ibmcloud.com/vulnerabilities/53217http://www.exploit-db.com/exploits/9625http://www.securityfocus.com/archive/1/506380/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/9625/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895blind SQL injectionCVE-2024-5064CVE-2023-52677CVE-2023-52682CVE-2024-30051CVE-2024-35849remote attackersremote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook