CVE-2009-2399

Metadata

CVE-2009-2399
6.8
exploit-db.com
2009-07-09
2017-09-19 07:07

Description

PHP remote file inclusion vulnerability in dm-albums/template/album.php in DM FileManager 3.9.4, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the SECURITY_FILE parameter.

Related Vulnerabilities