CVE-2008-6403

Openrat < 0.8-beta4 - Code Injection

Title source: rule

Description

PHP remote file inclusion vulnerability in themes/default/include/html/insert.inc.php in OpenRat 0.8-beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the tpl_dir parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by dun · textwebappsphp
https://www.exploit-db.com/exploits/6538

References (3)

Scores

EPSS 0.0234
EPSS Percentile 84.6%

Classification

CWE
CWE-94
Status draft

Affected Products (2)

openrat/openrat < 0.8-beta4
openrat/openrat

Timeline

Published Mar 06, 2009
Tracked Since Feb 18, 2026