CVE-2009-3705

Published: Oct 16, 2009Modified: Apr 23, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

PHP remote file inclusion vulnerability in debugger.php in Achievo before 1.4.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter.

Affected (32)

Products: Achievo: Achievo

Achievo

1 product

Achievo

Configuration A

32 vulnerable

Vulnerable Software	Affected Versions
Achievo Achievo	Up to 1.3.4
Achievo Achievo	Version 0.7.0
Achievo Achievo	Version 0.7.1
Achievo Achievo	Version 0.7.2
Achievo Achievo	Version 0.7.3
Achievo Achievo	Version 0.8.0
Achievo Achievo	Version 0.8.0 rc1
Achievo Achievo	Version 0.8.0 rc2
Achievo Achievo	Version 0.8.1
Achievo Achievo	Version 0.9.0
Achievo Achievo	Version 0.9.1
Achievo Achievo	Version 1.0.0
Achievo Achievo	Version 1.0.0 rc1
Achievo Achievo	Version 1.0.0 rc2
Achievo Achievo	Version 1.0.0 rc3
Achievo Achievo	Version 1.0.1
Achievo Achievo	Version 1.0.2
Achievo Achievo	Version 1.0.3
Achievo Achievo	Version 1.0.4
Achievo Achievo	Version 1.1.0
Achievo Achievo	Version 1.1.0 rc1
Achievo Achievo	Version 1.1.0 rc2
Achievo Achievo	Version 1.1.0 rc3
Achievo Achievo	Version 1.2.0
Achievo Achievo	Version 1.2.0 rc1
Achievo Achievo	Version 1.2.1
Achievo Achievo	Version 1.3.0
Achievo Achievo	Version 1.3.0 rc1
Achievo Achievo	Version 1.3.0 rc2
Achievo Achievo	Version 1.3.1
Achievo Achievo	Version 1.3.2
Achievo Achievo	Version 1.3.3