PHP Remote File Inclusion Vulnerability in MyBackup by MyBackup
CVE-2009-4977

Currently unrated

Key Information:

Vendor: Tufat
Status: Mybackup
Vendor: CVE Published:; 25 August 2010

What is CVE-2009-4977?

The MyBackup 1.4.0 product has a PHP remote file inclusion vulnerability in its index.php file. This issue permits remote authenticated users to manipulate the 'main_content' parameter to execute arbitrary PHP code. This exploitation can lead to further compromise of the application and the system it operates on, highlighting the importance of securing web applications against such vulnerabilities.

References

http://www.exploit-db.com/exploits/9365

exploitx_refsource_EXPLOIT-DB

http://www.vupen.com/english/advisories/2009/2165

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/36106

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 25, 2010
Vulnerability Reserved
Aug 25, 2010

Tufat

What is CVE-2009-4977?

References

Timeline