CVE-2009-2379

N/A Unknown

Published: July 08, 2009 Modified: April 23, 2026

Description

Directory traversal vulnerability in public/index.php in BIGACE Web CMS 2.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cmd parameter.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://forum.bigace.de/announcements/security-patch-for-bigace-2-6

Source: cve@mitre.org

Patch

http://osvdb.org/55510

Source: cve@mitre.org

http://secunia.com/advisories/35643

Source: cve@mitre.org

Vendor Advisory

http://securitytracker.com/id?1022489

Source: cve@mitre.org

Exploit

http://www.bigace.de/Security-patch-for-BIGACE-2.6-released.html

Source: cve@mitre.org

Patch Vendor Advisory

http://www.exploit-db.com/exploits/9052

Source: cve@mitre.org

http://www.securityfocus.com/bid/35537

Source: cve@mitre.org

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/51444

Source: cve@mitre.org

http://forum.bigace.de/announcements/security-patch-for-bigace-2-6