CVE-2009-1226

Podcast Generator <= 1.1 - Unauthenticated Arbitrary File Deletion via Admin Delete Endpoint

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-1226. PoCs published by BlackHawk.

AI-analyzed exploit summary This exploit targets Podcast Generator <= 1.1 by deleting the config file and reconfiguring it with malicious code to achieve remote code execution. It leverages unauthenticated file deletion and unsanitized input in the configuration script.

Description

core/admin/delete.php in Podcast Generator 1.1 and earlier does not properly restrict access to administrative functions, which allows remote attackers to delete arbitrary files via the file parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by BlackHawk · phpwebappsphp
https://www.exploit-db.com/exploits/8324

This exploit targets Podcast Generator <= 1.1 by deleting the config file and reconfiguring it with malicious code to achieve remote code execution. It leverages unauthenticated file deletion and unsanitized input in the configuration script.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Podcast Generator <= 1.1
No auth needed
Prerequisites: Network access to the target · Podcast Generator <= 1.1 installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/34317
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/34555
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/8324

Scores

EPSS 0.0235
EPSS Percentile 81.5%

Details

CWE
CWE-264
Status published
Products (18)
podcast_generator/podcast_generator 0.6
podcast_generator/podcast_generator 0.8
podcast_generator/podcast_generator 0.9
podcast_generator/podcast_generator 0.81
podcast_generator/podcast_generator 0.91
podcast_generator/podcast_generator 0.92
podcast_generator/podcast_generator 0.93
podcast_generator/podcast_generator 0.94
podcast_generator/podcast_generator 0.95
podcast_generator/podcast_generator 0.96
... and 8 more
Published Apr 02, 2009
Tracked Since Feb 18, 2026