Unrated severityNVD Advisory· Published Dec 7, 2009· Updated Jun 16, 2026
CVE-2009-4222
CVE-2009-4222
Description
phpBazar 2.1.1fix and earlier does not require administrative authentication for admin/admin.php, which allows remote attackers to obtain access to the admin control panel via a direct request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:smartisoft:phpbazar:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:smartisoft:phpbazar:*:*:*:*:*:*:*:*range: <=2.1.1
- cpe:2.3:a:smartisoft:phpbazar:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:smartisoft:phpbazar:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:smartisoft:phpbazar:2.1.1fix:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.