CVE-2008-0465

Seagull 0.6.3 - Path Traversal via Files Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0465. PoCs published by fuzion.

AI-analyzed exploit summary This exploit demonstrates a directory traversal vulnerability in Seagull STABLE 0.6.3 via the 'optimizer.php' script. The vulnerability allows an attacker to read arbitrary files on the server by manipulating the 'files' parameter.

Description

Directory traversal vulnerability in optimizer.php in Seagull 0.6.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the files parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by fuzion · textwebappsphp

https://www.exploit-db.com/exploits/4980

View Code ZIP pw:eip

This exploit demonstrates a directory traversal vulnerability in Seagull STABLE 0.6.3 via the 'optimizer.php' script. The vulnerability allows an attacker to read arbitrary files on the server by manipulating the 'files' parameter.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Seagull STABLE 0.6.3

No auth needed

Prerequisites: Access to the vulnerable 'optimizer.php' script

MITRE ATT&CK