VYPR
Critical severity9.8NVD Advisory· Published Jan 6, 2010· Updated Jun 16, 2026

CVE-2009-4581

CVE-2009-4581

Description

Directory traversal vulnerability in modules/admincp.php in RoseOnlineCMS 3 B1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the admin parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:roseonlinecms:roseonlinecms:*:b1:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:roseonlinecms:roseonlinecms:*:b1:*:*:*:*:*:*range: <=3
    • (no CPE)range: <=3 B1

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.