CVE-2007-1849

Drake CMS - Directory Traversal and Arbitrary File Execution via d_private Parameter

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1849. PoCs published by HACKERS PAL.

AI-analyzed exploit summary: This exploit demonstrates a local file inclusion (LFI) vulnerability in Drake CMS 0.3.7 Beta by manipulating the 'd_private' parameter in the 404.php file to include arbitrary files (e.g., /etc/passwd). The vulnerability arises from insufficient input sanitization.

Description

Directory traversal vulnerability in 404.php in Drake CMS allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the d_private parameter. NOTE: some of these details are obtained from third party information. NOTE: Drake CMS has only a beta version available, and the vendor has previously stated "We do not consider security reports valid until the first official release of Drake CMS."

Exploits (1)

exploitdb WORKING POC VERIFIED
by HACKERS PAL · text · webapps · php
https://www.exploit-db.com/exploits/29805

Classification: Working PoC 90%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Drake CMS 0.3.7 Beta
No auth needed
Prerequisites: Access to the target web application
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/23215
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/33331
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/464272

Scores

EPSS: 0.0244
EPSS Percentile: 82.1%

Details

Status: published
Products (2):
drake_team/drake_cms 0.3.7
drake_team/drake_cms 0.3.7_beta
Published: Apr 03, 2007
Tracked Since: Feb 18, 2026