CVE-2011-1099
FocalMedia.Net Quick Polls < 1.0.1 - Path Traversal and Arbitrary File Deletion via p Parameter
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2011-1099. PoCs published by Mark Stanislav.
AI-analyzed exploit summary
This exploit demonstrates local file inclusion (LFI) and local file deletion (LFD) vulnerabilities in 'Quick Polls' 1.0.1 via null-byte attacks against the `fct` and `p` parameters in `index.php`. The PoC requires `magic_quotes_gpc` to be disabled for successful exploitation.
Description
Multiple directory traversal vulnerabilities in FocalMedia.Net Quick Polls before 1.0.2 allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the p parameter in a preview action to index.php, or (2) delete arbitrary files via a .. (dot dot) in the p parameter in a delete action to index.php.