CVE-2015-1577

u5CMS < 3.9.3 - Path Traversal and Arbitrary File Write via f Parameter

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2015-1577. PoCs published by LiquidWorm.

AI-analyzed exploit summary: This exploit demonstrates an arbitrary file deletion vulnerability in u5CMS 3.9.3 via the 'deletefile.php' script. The 'f' parameter is not properly sanitized, allowing directory traversal or absolute path manipulation to delete files with web server permissions.

Description

Directory traversal vulnerability in u5admin/deletefile.php in u5CMS before 3.9.4 allows remote attackers to write to arbitrary files via a (1) .. (dot dot) or (2) full pathname in the f parameter.

Exploits (2)

exploitdb WORKING POC
by LiquidWorm · text · webapps · php
https://www.exploit-db.com/exploits/36026

This exploit demonstrates an arbitrary file deletion vulnerability in u5CMS 3.9.3 via the 'deletefile.php' script. The 'f' parameter is not properly sanitized, allowing directory traversal or absolute path manipulation to delete files with web server permissions.

Classification: Working PoC 90%
Attack Type: Other
Complexity: Trivial
Reliability: Reliable
Target: u5CMS 3.9.3 and 3.9.2
No auth needed
Prerequisites: Access to the 'deletefile.php' script · Knowledge of the target file path
devstral-2 · analyzed Feb 16, 2026
exploitdb WORKING POC
python · remote · windows
https://www.exploit-db.com/exploits/36025

This Python script exploits a buffer overflow vulnerability in Achat 0.150 beta7 by sending a crafted UDP packet with a malicious payload to trigger remote code execution (calc.exe). The payload is generated using msfvenom and includes a unicode-mixed encoder to bypass bad characters.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Achat 0.150 beta7
No auth needed
Prerequisites: Network access to the target server · Target running Achat 0.150 beta7 on Windows 7 32-bit
devstral-2 · analyzed Feb 19, 2026

Scores

EPSS 0.0727
EPSS Percentile 93.5%

Details

CWE: CWE-22
Status published
Products (1): yuba/u5cms < 3.9.3
Published Feb 11, 2015
Tracked Since Feb 18, 2026