Unrated severityNVD Advisory· Published Apr 28, 2009· Updated Apr 23, 2026
CVE-2009-1452
CVE-2009-1452
Description
Multiple PHP remote file inclusion vulnerabilities in theme/format.php in SMA-DB 0.3.13 allow remote attackers to execute arbitrary PHP code via a URL in the (1) _page_css and (2) _page_javascript parameters. NOTE: the _page_content vector is already is covered by CVE-2009-1450.
Affected products
1- cpe:2.3:a:bluevirus-design:sma-db:0.3.13:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3News mentions
0No linked articles in our index yet.