CVE-2009-1222

webEdition <= 6.0.0.4 - Remote File Inclusion via WE_LANGUAGE Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-1222. PoCs published by Salvatore Fresta.

AI-analyzed exploit summary This exploit demonstrates a Local File Inclusion (LFI) vulnerability in webEdition <= 6.0.0.4, allowing remote attackers to read arbitrary files (e.g., /etc/passwd) by manipulating the WE_LANGUAGE parameter. The vulnerability requires register_globals to be enabled.

Description

Directory traversal vulnerability in index.php in webEdition 6.0.0.4 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the WE_LANGUAGE parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Salvatore Fresta · textwebappsphp

https://www.exploit-db.com/exploits/8328

View Code ZIP pw:eip

This exploit demonstrates a Local File Inclusion (LFI) vulnerability in webEdition <= 6.0.0.4, allowing remote attackers to read arbitrary files (e.g., /etc/passwd) by manipulating the WE_LANGUAGE parameter. The vulnerability requires register_globals to be enabled.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: webEdition <= 6.0.0.4

No auth needed

Prerequisites: register_globals = on

MITRE ATT&CK