VYPR
Unrated severityNVD Advisory· Published Dec 7, 2009· Updated Jun 16, 2026

CVE-2009-4223

CVE-2009-4223

Description

PHP remote file inclusion vulnerability in adm/krgourl.php in KR-Web 1.1b2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • cpe:2.3:a:gianni_tommasi:kr-php_web_content_server:1.1:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:gianni_tommasi:kr-php_web_content_server:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gianni_tommasi:kr-php_web_content_server:1.1:beta:*:*:*:*:*:*
    • cpe:2.3:a:gianni_tommasi:kr-php_web_content_server:*:beta_2:*:*:*:*:*:*range: <=1.1
  • KR-Web/KR-Webllm-fuzzy
    Range: <=1.1b2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.