CVE-2009-2399

PHP remote file inclusion vulnerability in dm-albums/template/album.php in DM FileManager 3.9.4, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the SECURITY_FILE parameter.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:dutchmonkey:dm_filemanager:3.9.4:*:*:*:*:*:*:*

Information

Published : 2009-07-09 09:30

Updated : 2017-09-18 18:29


NVD link : CVE-2009-2399

Mitre link : CVE-2009-2399


JSON object : View

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')

Advertisement

dedicated server usa

Products Affected

dutchmonkey

  • dm_filemanager