CVE-2009-2116

SkyBlueCanvas 1.1 r237 - Path Traversal

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-2116. PoCs published by MaXe.

AI-analyzed exploit summary The exploit describes a directory traversal vulnerability in SkyBlueCanvas 1.1 r237, allowing attackers with administrative privileges to access sensitive files by manipulating the 'dir' parameter in the URL. The provided example demonstrates traversing to the '/etc/' directory.

Description

Directory traversal vulnerability in admin.php in SkyBlueCanvas 1.1 r237 allows remote authenticated administrators to list directory contents via a .. (dot dot) in the dir parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by MaXe · textwebappsphp

https://www.exploit-db.com/exploits/34919

View Code ZIP pw:eip

The exploit describes a directory traversal vulnerability in SkyBlueCanvas 1.1 r237, allowing attackers with administrative privileges to access sensitive files by manipulating the 'dir' parameter in the URL. The provided example demonstrates traversing to the '/etc/' directory.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: SkyBlueCanvas 1.1 r237

Auth required

Prerequisites: Administrative privileges

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/35478

Exploit x_refsource_misc

http://forum.intern0t.net/intern0t-advisories/1120-intern0t-skybluecanvas-1-1-r237-multiple-vulnerabilities.html

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/504302/100/0/threaded

Scores

EPSS 0.0239

EPSS Percentile 81.7%

Details

CWE

CWE-22

Status published

Products (1)

skybluecanvas/skybluecanvas 1.1

Published Jun 18, 2009

Tracked Since Feb 18, 2026