CVE-2009-5095

Ea-style Gbook - Code Injection

Title source: rule

Description

PHP remote file inclusion vulnerability in index_inc.php in ea gBook 0.1 and 0.1.4 allows remote attackers to execute arbitrary PHP code via a URL in the inc_ordner parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by bd0rk · perlwebappsphp

https://www.exploit-db.com/exploits/8052

View Code ZIP pw:eip

References (4)

[Vendor Advisory] http://secunia.com/advisories/33927

[Exploit] http://www.exploit-db.com/exploits/8052

[Exploit] http://www.securityfocus.com/bid/33774

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/48759

Scores

EPSS 0.0242

EPSS Percentile 85.2%

Details

CWE

CWE-94

Status published

Products (2)

ea-style/gbook 0.1

ea-style/gbook 0.1.4

Published Sep 12, 2011

Tracked Since Feb 18, 2026