CVE-2008-7124

zKup CMS 2.0-2.3 - Unauthenticated Privilege Escalation via Direct Admin Configuration Access

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2008-7124. PoCs published by Charles Fol.

AI-analyzed exploit summary: This exploit adds an admin user to zKup CMS versions 2.0 to 2.3 by sending a crafted POST request to the admin configuration page. It bypasses authentication by directly submitting user credentials and privilege level to the vulnerable endpoint.

Description

zKup CMS 2.0 through 2.3 does not require administrative authentication for admin/configuration/modifier.php, which allows remote attackers to gain administrator privileges via a direct request, as demonstrated by adding a new administrator.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Charles Fol · php · webapps · php
https://www.exploit-db.com/exploits/5219

This exploit adds an admin user to zKup CMS versions 2.0 to 2.3 by sending a crafted POST request to the admin configuration page. It bypasses authentication by directly submitting user credentials and privilege level to the vulnerable endpoint.

Classification: Working PoC 95%
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: zKup CMS v2.0 to v2.3
No auth needed
Prerequisites: Target URL · Desired admin username · Desired admin password
devstral-2 · analyzed Feb 18, 2026

exploitdb WORKING POC VERIFIED
by Charles Fol · php · webapps · php
https://www.exploit-db.com/exploits/5220

This exploit leverages a NULL byte injection vulnerability in zKup CMS v2.0 to v2.3 to bypass input validation and inject malicious PHP code into the configuration file, resulting in arbitrary file upload functionality. The exploit requires magic_quotes_gpc to be off and targets the admin configuration modifier script.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: zKup CMS v2.0 <= v2.3
No auth needed
Prerequisites: PHP with magic_quotes_gpc=Off · Access to the admin configuration modifier script
devstral-2 · analyzed Feb 18, 2026

References (7)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/43081
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/5220
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/29276
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/28149
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/5219
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/41068

Scores

EPSS 0.0861
EPSS Percentile 94.4%

Details

CWE: CWE-287
Status: published
Products (4)
zkup/zkup 2.0
zkup/zkup 2.01
zkup/zkup 2.02
zkup/zkup 2.03
Published: Aug 31, 2009
Tracked Since: Feb 18, 2026