CVE-2012-2227

PluXml < 5.1.5 - Path Traversal via default_lang Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-2227. PoCs published by High-Tech Bridge SA.

AI-analyzed exploit summary This advisory describes a Local File Inclusion (LFI) vulnerability in PluXml 5.1.5, where the 'default_lang' POST parameter in /update/index.php is not properly sanitized, allowing directory traversal and inclusion of arbitrary local files. The PoC demonstrates exploiting this via URL-encoded NULL bytes to read /etc/passwd.

Description

Directory traversal vulnerability in update/index.php in PluXml before 5.1.6 allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the default_lang parameter.

Exploits (1)

exploitdb WRITEUP

by High-Tech Bridge SA · textwebappsphp

https://www.exploit-db.com/exploits/18828

View Code ZIP pw:eip

This advisory describes a Local File Inclusion (LFI) vulnerability in PluXml 5.1.5, where the 'default_lang' POST parameter in /update/index.php is not properly sanitized, allowing directory traversal and inclusion of arbitrary local files. The PoC demonstrates exploiting this via URL-encoded NULL bytes to read /etc/passwd.

Classification

Writeup 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: PluXml 5.1.5 and prior

No auth needed

Prerequisites: Access to the /update/index.php endpoint

devstral-2 · analyzed Feb 16, 2026 Full analysis →