CVE-2009-0886

oneorzero_helpdesk <= 1.6.5.7 - Path Traversal via Default Language Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-0886. PoCs published by dun.

AI-analyzed exploit summary This is a writeup detailing a Local File Inclusion (LFI) vulnerability in OneOrZero Helpdesk <= 1.6.5.7. The vulnerability is due to improper handling of the 'default_language' parameter in login.php, allowing path traversal when register_globals is enabled and magic_quotes_gpc is disabled.

Description

Directory traversal vulnerability in login.php in OneOrZero Helpdesk 1.6.5.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the default_language parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by dun · textwebappsphp
https://www.exploit-db.com/exploits/8168

This is a writeup detailing a Local File Inclusion (LFI) vulnerability in OneOrZero Helpdesk <= 1.6.5.7. The vulnerability is due to improper handling of the 'default_language' parameter in login.php, allowing path traversal when register_globals is enabled and magic_quotes_gpc is disabled.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: OneOrZero Helpdesk <= 1.6.5.7
No auth needed
Prerequisites: register_globals = On · magic_quotes_gpc = Off
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/8169
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/49114
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/34029
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/8168

Scores

EPSS 0.0654
EPSS Percentile 92.9%

Details

CWE
CWE-22
Status published
Products (10)
oneorzero/oneorzero_helpdesk 1.4_rc4
oneorzero/oneorzero_helpdesk 1.6
oneorzero/oneorzero_helpdesk 1.6.3
oneorzero/oneorzero_helpdesk 1.6.3.0
oneorzero/oneorzero_helpdesk 1.6.4
oneorzero/oneorzero_helpdesk 1.6.4.1
oneorzero/oneorzero_helpdesk 1.6.4.2
oneorzero/oneorzero_helpdesk 1.6.5.3
oneorzero/oneorzero_helpdesk 1.6.5.4
oneorzero/oneorzero_helpdesk < 1.6.5.7
Published Mar 12, 2009
Tracked Since Feb 18, 2026