{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T06:46:11.593","vulnerabilities":[{"cve":{"id":"CVE-2009-1512","sourceIdentifier":"cve@mitre.org","published":"2009-05-01T22:30:00.187","lastModified":"2025-04-09T00:30:58.490","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Static code injection vulnerability in X-Forum 0.6.2 allows remote authenticated administrators to inject arbitrary PHP code into Config.php via the adminEMail parameter to SaveConfig.php."},{"lang":"es","value":"Vulnerabilidad de inyección de código estático en X-Forum v0.6.2 permite a los administradores remotos autenticados inyectar código PHP arbitrario en Config.php a traves del parámetro adminEMail a SaveConfig.php."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:keir_davis:x-forum:0.6.2:*:*:*:*:*:*:*","matchCriteriaId":"E9C38264-7B0D-4E21-B493-7C7D6474AB6C"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/50390","source":"cve@mitre.org"},{"url":"https://www.exploit-db.com/exploits/8317","source":"cve@mitre.org"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/50390","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.exploit-db.com/exploits/8317","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}