Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2009-3815

EPSS 0.25% · P48
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2009-3815

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
RunCMS 2M1, when running with certain error_reporting levels, allows remote attackers to obtain sensitive information via (1) the op[] parameter to modules/contact/index.php or (2) uid[] parameter to userinfo.php, which leaks the installation path in an error message when these parameters are used in a call to the preg_match function.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
RunCMS 2M1信息泄露漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
RunCMS是国外的一个开源CMS,功能上包含了建站所需要的大部分功能。 当RunCMS 2M1在某个error_reporting级别上运行时,远程攻击者可以借助preg_match函数中运行时调用的参数(1) modules/contact/index.php的op[]参数或(2) userinfo.php的uid[]参数,获得安装路径信息。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2009-3815

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2009-3815

登录查看更多情报信息。

Same Patch Batch · n/a · 2009-10-27 · 15 CVEs total

CVE-2009-3801OpenDocMan SQL注入漏洞
CVE-2009-3802Amiro.CMS输入验证漏洞
CVE-2009-3803Amiro.CMS跨站脚本攻击漏洞
CVE-2009-3804Runcms SQL注入漏洞
CVE-2009-3805Gpg4win远程拒绝服务漏洞
CVE-2009-3806DedeCMS SQL注入漏洞
CVE-2009-3807MixVibes 缓冲区溢出漏洞
CVE-2009-3808MixSense DJ Studio拒绝服务攻击漏洞
CVE-2009-3809Acoustica MP3 Audio Mixer缓冲区溢出漏洞
CVE-2009-3810Acoustica MP3 Audio Mixer 缓冲区溢出漏洞
CVE-2009-3811AssistantTools Music Tag Editor 1.61 缓冲区溢出漏洞
CVE-2009-3812Otslabs OtsAV DJ 缓冲区溢出漏洞
CVE-2009-3813RunCMS 2m1 SQL注入漏洞
CVE-2009-3814RunCMS 2m1 代码注入漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2009-3815

No comments yet

Leave a comment