CVE-2009-1912

webSPELL <4.2.0e - Path Traversal

Title source: llm

Description

Directory traversal vulnerability in src/func/language.php in webSPELL 4.2.0e and earlier allows remote attackers to include and execute arbitrary local .php files via a .. (dot dot) in a language cookie. NOTE: this can be leveraged for SQL injection by including awards.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by DNX · perlwebappsphp

https://www.exploit-db.com/exploits/8622

View Code ZIP pw:eip

References (9)

[Third Party Advisory, VDB Entry] http://osvdb.org/54295

[Vendor Advisory] http://secunia.com/advisories/35016

[Patch] http://www.osvdb.org/54296

[Exploit, Patch] http://www.securityfocus.com/bid/34862

[Patch] http://www.webspell.org/

[Patch] http://www.webspell.org/index.php?site=files&file=30

[Patch] http://www.webspell.org/index.php?site=news_comments&newsID=130

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/50395

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/8622

Scores

EPSS 0.0098

EPSS Percentile 76.9%

Details

CWE

CWE-22

Status published

Products (11)

webspell/webspell 4.0

webspell/webspell 4.0.2c

webspell/webspell 4.1

webspell/webspell 4.01.00

webspell/webspell 4.1.1

webspell/webspell 4.01.01

webspell/webspell 4.01.02

webspell/webspell 4.1.2

webspell/webspell 4.2.0c

webspell/webspell 4.2.0d

... and 1 more

Published Jun 04, 2009

Tracked Since Feb 18, 2026