CVE-2009-5095 – ea-gBook 0.1 - Remote Command Execution / Remote File Inclusion

https://notcve.org/view.php?id=CVE-2009-5095

PHP remote file inclusion vulnerability in index_inc.php in ea gBook 0.1 and 0.1.4 allows remote attackers to execute arbitrary PHP code via a URL in the inc_ordner parameter. Vulnerabilidad de inclusión de archivos en index_inc.php en ea gBook v0.1 y v0.1.4 permite a atacantes remotos ejecutar código PHP arbitrario a través de una URL en el parámetro inc_ordner. • https://www.exploit-db.com/exploits/8052 http://secunia.com/advisories/33927 http://www.exploit-db.com/exploits/8052 http://www.securityfocus.com/bid/33774 https://exchange.xforce.ibmcloud.com/vulnerabilities/48759 • CWE-94: Improper Control of Generation of Code ('Code Injection') •