3 matches found
CVE-2009-1222
Directory traversal vulnerability in index.php in webEdition 6.0.0.4 and earlier, when registerglobals is enabled and magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary files via a .. dot dot in the WELANGUAGE parameter...
CVE-2009-1222
CVE-2009-1222 concerns a directory traversal / local file inclusion vulnerability in webEdition CMS 6.0.0.4 and earlier. The flaw is triggered when the WE_LANGUAGE parameter is tainted and the environment has register_globals enabled with magic_quotes_gpc disabled, allowing remote attackers to in...
CVE-2009-1222
creationtimestamp| type| source ---|---|--- 2009-03-31 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/8328...