CVE-2009-1677

Current Description

Multiple static code injection vulnerabilities in the saveFeed function in rss/feedcreator.class.php in Bitweaver 2.6 and earlier allow (1) remote authenticated users to inject arbitrary PHP code into files by placing PHP sequences into the account's "display name" setting and then invoking boards/boards_rss.php, and might allow (2) remote attackers to inject arbitrary PHP code into files via the HTTP Host header in a request to boards/boards_rss.php.

Basic Data

Published: May 18, 2009
Last Modified: September 29, 2017
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: CWE-94
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSS 2 - Access Vector: NETWORK
CVSS 2 - Access Complexity: LOW
CVSS 2 - Authentication: SINGLE
CVSS 2 - Confidentiality Impact: PARTIAL
CVSS 2 - Integrity Impact: PARTIAL (from I:P in the vector string)
CVSS 2 - Availability Impact: PARTIAL
CVSS 2 - Base Score: 6.5
Severity: MEDIUM
Exploitability Score: 8.0
Impact Score: 6.4
Obtain All Privilege: false
Obtain User Privilege: false
Obtain Other Privilege: true

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    CPE Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding
    2.3 | Application | Bitweaver | Bitweaver | 1.1        | * | * | * | * | * | * | * |   |     |   |  
    2.3 | Application | Bitweaver | Bitweaver | 1.1.1_beta | * | * | * | * | * | * | * |   |     |   |  
    2.3 | Application | Bitweaver | Bitweaver | 1.2.1      | * | * | * | * | * | * | * |   |     |   |  
    2.3 | Application | Bitweaver | Bitweaver | 1.3        | * | * | * | * | * | * | * |   |     |   |  
    2.3 | Application | Bitweaver | Bitweaver | 1.3.1      | * | * | * | * | * | * | * |   |     |   |  
    2.3 | Application | Bitweaver | Bitweaver | 2.0.0      | * | * | * | * | * | * | * |   |     |   |  
    2.3 | Application | Bitweaver | Bitweaver | 2.0.2      | * | * | * | * | * | * | * |   |     |   |  
    2.3 | Application | Bitweaver | Bitweaver | 2.5        | * | * | * | * | * | * | * |   |     |   |  
    2.3 | Application | Bitweaver | Bitweaver | *          | * | * | * | * | * | * | * |   | 2.6 |   |  

Vulnerable Software List

Vendor    | Product   | Versions
Bitweaver | Bitweaver | *, 1.1, 1.1.1_beta, 1.2.1, 1.3, 1.3.1, 2.0.0, 2.0.2, 2.5

References

Name | URL | Source | Tags
35057 | http://secunia.com/advisories/35057 | SECUNIA | Vendor Advisory
20090512 Bitweaver <= 2.6 /boards/boards_rss.php / saveFeed() remote code execution exploit | http://www.securityfocus.com/archive/1/503435 | BUGTRAQ |
34910 | http://www.securityfocus.com/bid/34910 | BID |
bitweaver-savefeed-code-execution(50631) | https://exchange.xforce.ibmcloud.com/vulnerabilities/50631 | XF |
8659 | https://www.exploit-db.com/exploits/8659 | EXPLOIT-DB |