CVE-2009-1625

EPSS 3.52% · P88 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2009-1625

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Directory traversal vulnerability in index.php in Thickbox Gallery 2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ln parameter.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Thickbox Gallery 'index.php' 本地文件包含漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Thickbox Gallery 2是一个管理图片/音频/视频库的工具。 Thickbox Gallery 2版本的index.php中存在目录遍历漏洞。远程攻击者可以借助In参数中的一个..(参数中包含'..')，包含和允许任意本地文件。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2009-1625

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2009-1625

请登录查看更多情报信息。

https://www.exploit-db.com/exploits/8546exploitx_refsource_EXPLOIT-DB
http://www.securityfocus.com/bid/34741vdb-entryx_refsource_BID
https://nvd.nist.gov/vuln/detail/CVE-2009-1625

Same Patch Batch · n/a · 2009-05-12 · 27 CVEs total

CVE-2008-6806		7-Shop 'imageupload.php'任意文件上传漏洞
CVE-2009-1627		SDP Downloader ASX文件处理堆溢出漏洞
CVE-2009-1626		EZ-Blog 'public/specific.php' SQL注入漏洞
CVE-2009-1624		Dew-Code Dew-NewPHPLinks 'index.php' 本地文件目录遍历漏洞
CVE-2009-1623		Dew-Code Dew-NewPHPLinks 'index.php' 本地文件包含和跨站脚本攻击漏洞
CVE-2009-1622		ECShop 'user.php' SQL注入漏洞
CVE-2009-1621		OpenCart 'index.php' 本地文件目录遍历漏洞
CVE-2009-1620		MataChat 'input.php' 多个跨站脚本攻击漏洞
CVE-2009-1619		Teraway FileStream twFSadmin cookieCookie认证绕过漏洞
CVE-2009-1618		Teraway LinkTracker TWLHadmin cookie Cookie认证绕过漏洞
CVE-2009-1617		Teraway LinkTracker twLTadmin Cookie认证绕过漏洞
CVE-2008-6808		Scripts For Sites EZ Link Directory 'links.php' SQL注入漏洞
CVE-2008-6807		Ibiblio Osprey 'ListRecords.php'多个远程文件包含漏洞
CVE-2009-0220		Microsoft PowerPoint PP4X32.DLL库多个栈溢出漏洞
CVE-2009-1137		Microsoft PowerPoint PP4X32.DLL库栈溢出漏洞
CVE-2009-1131		Microsoft PowerPoint 数据越界栈溢出漏洞
CVE-2009-1130		Microsoft PowerPoint Notes容器堆溢出漏洞
CVE-2009-1129		Microsoft PowerPoint PP7X32.DLL库栈溢出漏洞
CVE-2009-1128		Microsoft PowerPoint PP7X32.DLL 多个栈溢出漏洞
CVE-2009-0227		Microsoft PowerPoint PP4X32.DLL库栈溢出漏洞

Showing top 20 of 27 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2009-1625

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2009-1625

I. Basic Information for CVE-2009-1625

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2009-1625

III. Intelligence Information for CVE-2009-1625

Same Patch Batch · n/a · 2009-05-12 · 27 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2009-1625

Leave a comment