CVE-2009-4106

EUVD-2009-4077
Unrestricted file upload vulnerability in admintools/editpage-2.php in Agoko CMS 0.4 and earlier allows remote attackers to inject and execute arbitrary PHP code via the filename and text parameters.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 85%
Affected Products (NVD)
VendorProductVersion
ohlohagoko_cms
𝑥
≤ 0.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.exploit-db.com/exploits/9605
http://www.vupen.com/english/advisories/2009/2613
https://exchange.xforce.ibmcloud.com/vulnerabilities/53113
http://www.exploit-db.com/exploits/9605
http://www.vupen.com/english/advisories/2009/2613
https://exchange.xforce.ibmcloud.com/vulnerabilities/53113