Unrated severityNVD Advisory· Published May 25, 2015· Updated Jun 17, 2026
CVE-2015-2945
CVE-2015-2945
Description
mt-phpincgi.php in Hajime Fujimoto mt-phpincgi before 2015-05-15 does not properly restrict URLs, which allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted request, as exploited in the wild in May 2015.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:h-fj:mt-phpincgi:-:*:*:*:*:*:*:*
- Range: < 2015-05-15
Patches
Vulnerability mechanics
References
3- www.h-fj.com/blog/archives/2015/05/15-112843.phpnvdExploitVendor Advisory
- jvn.jp/en/jp/JVN64459670/index.htmlnvdVendor Advisory
- jvndb.jvn.jp/jvndb/JVNDB-2015-000067nvdVendor Advisory
News mentions
0No linked articles in our index yet.