CVE-2009-1525

CVSS V2 High 8.5 CVSS V3 None
Description
CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote authenticated users to gain privileges via shell metacharacters in the name parameter during a restore action.
Overview
  • CVE ID
  • CVE-2009-1525
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Modified
  • Published Version
  • 2009-05-05T20:30:00
  • Last Modified Date
  • 2017-08-17T01:30:23
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:jbmc-software:directadmin:*:*:*:*:*:*:*:* 1 OR 1.333
cpe:2.3:a:jbmc-software:directadmin:0.95:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.01:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.02:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.03:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.04:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.05:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.06:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.07:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.08:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.09:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.11:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.12:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.13:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.14:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.15:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.16:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.17:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.18:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.19:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.21:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.22:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.23:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.24:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.25:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.26:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.27:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.28:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.29:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.31:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.32:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.33:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.081:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.111:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.121:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.151:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.152:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.161:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.171:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.172:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.173:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.174:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.181:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.192:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.193:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.195:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.196:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.201:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.202:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.203:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.204:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.205:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.206:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.207:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.211:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.212:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.213:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.221:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.222:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.223:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.224:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.225:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.226:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.231:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.232:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.233:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.234:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.235:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.241:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.242:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.243:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.244:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.251:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.252:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.253:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.254:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.255:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.261:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.262:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.263:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.264:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.265:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.266:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.273:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.274:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.275:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.281:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.282:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.285:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.286:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.291:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.292:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.293:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.294:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.295:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.296:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.297:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.301:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.302:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.311:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.312:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.313:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.314:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.315:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.321:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.322:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.323:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.331:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.332:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.1741:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:jbmc-software:directadmin:1.1941:*:*:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:M/Au:S/C:C/I:C/A:C
  • Access Vector
  • NETWORK
  • Access Compatibility
  • MEDIUM
  • Authentication
  • SINGLE
  • Confidentiality Impact
  • COMPLETE
  • Integrity Impact
  • COMPLETE
  • Availability Impact
  • COMPLETE
  • Base Score
  • 8.5
  • Severity
  • HIGH
  • Exploitability Score
  • 6.8
  • Impact Score
  • 10
History
Created Old Value New Value Data Type Notes
2022-05-10 09:01:12 Added to TrackCVE