CVE-2009-0422
Published 2009-02-05
Priority P3 · 44 · CVSS 2.0 base score 7.5 (high)
CVSS 2.0 vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT: public exploit indexed (see the references at the end of this record)
EPSS: 6.20% (92.6th percentile)
Dynamic variable evaluation vulnerability in lists/admin.php in phpList 2.10.8 and earlier, when register_globals is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the _SERVER[ConfigFile] parameter to admin/index.php.
Affected
70 ranges · showing 25 (only the first range carries version data; the remaining rows in the source listing were empty)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tincan | phplist | <= 2.10.8 | — |
No detection rules found.
No writeups or analysis indexed.
CWE
CWE-914: Improper Control of Dynamically-Identified Variables (mitre_cwe · CVSS 6.4 · MEDIUM)
The product does not properly restrict reading from or writing to dynamically-identified variables.
Many languages offer powerful features that allow the programmer to access arbitrary variables that are specified by an input string. While these features can offer significant flexibility and reduce development time, they can be extremely dangerous if attackers can modify unintended variables that have security implications.
Modes of Introduction:
Phase: Implementation
Common Consequences:
Scope: Integrity. Impact: Modify Application Data. An attacker could modify sensitive data or program variables.
Scope: Integrity. Impact: Execute Unauthorized Code or Commands.
Scope: Other, Integrity. Impact: Varies by Context, Alter Exec
CWE
CWE-627: Dynamic Variable Evaluation (mitre_cwe · CVSS 6.4 · MEDIUM)
In a language where the user can influence the name of a variable at runtime, if the variable names are not controlled, an attacker can read or write to arbitrary variables, or access arbitrary functions.
The resultant vulnerabilities depend on the behavior of the application, both at the crossover point and in any control/data flow that is reachable by the related variables or functions.
Background: Many interpreted languages support the use of a "$$varname" construct to set a variable whose name is specified by the $varname variable. In PHP, these are referred to as "variable variables." Functions might also be invoked using similar syntax, such as $$funcname(arg1, arg2).
Modes of Introduction:
Phase: Implementation
Common Consequences:
Scope: Co
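The mechanism this record describes (the CVE description above) and the "$$varname" construct from the CWE-627 background, as one added example. This is not phpList's code and is not taken from the linked advisories: it shows a generic register_globals emulation loop that assigns every request key to a variable of the same name, which at file scope lets a request key of `_SERVER[ConfigFile]` overwrite the `$_SERVER` superglobal before the application includes `$_SERVER['ConfigFile']`, followed by an allow-list and a path-validation form that closes the hole. The request array, the default config path, and the helper names `import_request_params` and `safe_include_path` are assumptions for illustration.

```php
<?php
// Added example (not phpList's code): CWE-627 variable variables used to
// emulate register_globals, and the allow-list form that replaces it.
// Requires PHP 8.0+ (str_starts_with). The request array below is constructed.
declare(strict_types=1);

// Constructed request. PHP parses ?_SERVER[ConfigFile]=../../../../etc/passwd
// into a nested array keyed '_SERVER', exactly as written here.
$request = [
    'page'    => 'home',
    '_SERVER' => ['ConfigFile' => '../../../../etc/passwd'],
];

// What the application intended: a fixed, server-side config path (assumed).
$_SERVER['ConfigFile'] = __DIR__ . '/config.php';

// Vulnerable pattern: every request key becomes a variable name.
// At file scope "$$key" with $key === '_SERVER' resolves to the real $_SERVER
// superglobal, so the attacker's nested array replaces it wholesale.
foreach ($request as $key => $value) {
    $$key = $value;  // $page = 'home'; $_SERVER = ['ConfigFile' => '../../../../etc/passwd']
}
var_dump($_SERVER['ConfigFile']);  // string(22) "../../../../etc/passwd"
// A later `require $_SERVER['ConfigFile'];` now follows the traversal and
// includes /etc/passwd (or any readable local file) instead of config.php.

// Hardened pattern 1: copy only an explicit allow-list of scalar parameters
// into named slots. '_SERVER' is never on the list, so it cannot be touched,
// and nested arrays are rejected outright.
function import_request_params(array $request, array $allowed): array
{
    $out = [];
    foreach ($allowed as $name) {
        if (isset($request[$name]) && is_scalar($request[$name])) {
            $out[$name] = (string) $request[$name];
        }
    }
    return $out;
}
$params = import_request_params($request, ['page', 'id']);
// $params === ['page' => 'home']

// Hardened pattern 2: if a file name must come from input at all, resolve it
// with realpath() and require that it stays under a fixed base directory.
// Returns the resolved absolute path, or null for traversal and missing files.
function safe_include_path(string $baseDir, string $file): ?string
{
    $base = realpath($baseDir);
    $real = realpath($baseDir . DIRECTORY_SEPARATOR . $file);
    if ($base === false || $real === false) {
        return null;
    }
    return str_starts_with($real, $base . DIRECTORY_SEPARATOR) ? $real : null;
}
var_dump(safe_include_path(__DIR__, '../../../../etc/passwd'));  // NULL
```

Run it with `php example.php`. The first `var_dump` shows the superglobal carrying the attacker's path; the second shows the traversal rejected because the resolved path is outside the base directory. The check that matters for this class of bug is the first one: never let request keys choose variable names, regardless of whether `register_globals` is on or off.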
References
http://secunia.com/advisories/33533
http://www.bugreport.ir/index_60.htm
http://www.securityfocus.com/archive/1/500057/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/47945
https://www.exploit-db.com/exploits/7778