CVE-2009-3422

EPSS 1.56% · P82 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2009-3422

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

login.php in Zenas PaoLiber 1.1, when register_globals is enabled, allows remote attackers to bypass authentication and gain administrative access by setting the login_ok parameter to 1.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Zenas PaoLiber脚本login.php 授权问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Zenas PaoLiber 1.1版本中的login.php,当register_globals被激活时,远程攻击者通过把login_ok参数设置成1，绕过权限并获得管理访问权。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2009-3422

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2009-3422

Please Login to view more intelligence information

http://www.exploit-db.com/exploits/9294exploitx_refsource_EXPLOIT-DB
http://secunia.com/advisories/36023third-party-advisoryx_refsource_SECUNIA
https://nvd.nist.gov/vuln/detail/CVE-2009-3422

Same Patch Batch · n/a · 2009-09-25 · 15 CVEs total

CVE-2009-3431		Adobe Reader和Acrobat栈消耗漏洞
CVE-2009-3417		Joomla! IDoBlog组件SQL注入漏洞
CVE-2009-3418		plume_cms 多个SQL注入漏洞
CVE-2009-3419		Intesync Miniweb Publisher模块index.php SQL注入漏洞
CVE-2009-3420		Intesync Miniweb Publisher模块多个跨站脚本攻击漏洞
CVE-2009-3421		Zenas PaoBacheca Guestbook 权限许可和访问控制漏洞
CVE-2009-3423		zenas paolink ‘login.php’ 授权问题漏洞
CVE-2009-3424		databay maxcms 多个PHP远程文件包含漏洞
CVE-2009-3425		databay MaxCMS ‘includes/inc.thcms_admin_dirtree.php’ 目录遍历漏洞
CVE-2009-3426		Databay MaxCMS special.php代码注入漏洞
CVE-2009-3427		Kayako SupportSuite 跨站脚本攻击漏洞
CVE-2009-3428		Otbcode Easy Music Player缓冲区溢出漏洞
CVE-2009-3429		Pirate Radio Destiny Media Player缓冲区溢出漏洞
CVE-2009-3430		Allomani Mobile ’login.php‘ SQL注入漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2009-3422

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2009-3422

I. Basic Information for CVE-2009-3422

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2009-3422

III. Intelligence Information for CVE-2009-3422

Same Patch Batch · n/a · 2009-09-25 · 15 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2009-3422

Leave a comment