Description
Directory traversal vulnerability in 404.php in Drake CMS allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the d_private parameter. NOTE: some of these details are obtained from third party information. NOTE: Drake CMS has only a beta version available, and the vendor has previously stated "We do not consider security reports valid until the first official release of Drake CMS."
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by HACKERS PAL · text · webapps · php
https://www.exploit-db.com/exploits/29805
References (3)
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/23215
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/33331
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/464272
Scores
EPSS
0.0336
EPSS Percentile
87.4%
Details
Status
published
Products (2)
drake_team/drake_cms
0.3.7
drake_team/drake_cms
0.3.7_beta
Published
Apr 03, 2007
Tracked Since
Feb 18, 2026