CVE-2009-1912

webSPELL < 4.2.0e - Path Traversal via Language Cookie

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-1912. PoCs published by DNX.

AI-analyzed exploit summary This exploit leverages a blind SQL injection vulnerability in webSPELL <= v4.2.0e by combining cookie manipulation, LFI, and SQLi techniques to bypass security checks and extract database information.

Description

Directory traversal vulnerability in src/func/language.php in webSPELL 4.2.0e and earlier allows remote attackers to include and execute arbitrary local .php files via a .. (dot dot) in a language cookie. NOTE: this can be leveraged for SQL injection by including awards.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by DNX · perlwebappsphp

https://www.exploit-db.com/exploits/8622

View Code ZIP pw:eip

This exploit leverages a blind SQL injection vulnerability in webSPELL <= v4.2.0e by combining cookie manipulation, LFI, and SQLi techniques to bypass security checks and extract database information.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Complex

Reliability

Reliable

Target: webSPELL <= v4.2.0e

No auth needed

Prerequisites: Target must have at least 2 awards in the database · Cookie manipulation must be possible

MITRE ATT&CK