CVE-2009-4106

Severity CVSS v4.0:
Pending analysis
Type:
CWE-20 Input Validation
Publication date:
29/11/2009
Last modified:
09/04/2025

Description

Unrestricted file upload vulnerability in admintools/editpage-2.php in Agoko CMS 0.4 and earlier allows remote attackers to inject and execute arbitrary PHP code via the filename and text parameters.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:ohloh:agoko_cms:*:*:*:*:*:*:*:* 0.4 (including)