Unrated severityNVD Advisory· Published Feb 10, 2009· Updated Apr 23, 2026

CVE-2009-0457

Description

Multiple directory traversal vulnerabilities in AJA Portal 1.2 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter to admin/case.php in the (1) Contact_Plus and (2) Reviews modules, and (3) the module_name parameter to admin/includes/FANCYNLOptions.php in the Fancy_NewsLetter module.

Affected products

Magtrb/Aja Portal
cpe:2.3:a:magtrb:aja_portal:1.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/33565nvdExploit
secunia.com/advisories/33735nvdVendor Advisory
osvdb.org/51708nvd
osvdb.org/51709nvd
www.exploit-db.com/exploits/7939nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000