CVE-2015-1578

u5CMS < 3.9.3 - Open Redirect via pidvesa Cookie or uri Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 4 public exploits for CVE-2015-1578. PoCs published by KAhara MAnhara, yaldobaoth, Zeppperoni.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Achat 0.150 beta7, leveraging a crafted UDP packet to execute arbitrary code (calc.exe) via a msfvenom-generated payload. The payload is designed to bypass bad characters and trigger a reverse shell or command execution.

Description

Multiple open redirect vulnerabilities in u5CMS before 3.9.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) pidvesa cookie to u5admin/pidvesa.php or (2) uri parameter to u5admin/meta2.php.

Exploits (4)

exploitdb WORKING POC
by KAhara MAnhara · pythonremotewindows
https://www.exploit-db.com/exploits/36025

This exploit targets a buffer overflow vulnerability in Achat 0.150 beta7, leveraging a crafted UDP packet to execute arbitrary code (calc.exe) via a msfvenom-generated payload. The payload is designed to bypass bad characters and trigger a reverse shell or command execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Achat 0.150 beta7
No auth needed
Prerequisites: Network access to the target · Target running Achat 0.150 beta7 on Windows
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC
by yaldobaoth · poc
https://github.com/yaldobaoth/CVE-2015-1578-PoC-Metasploit

This is a Metasploit module for CVE-2015-1578, a buffer overflow vulnerability in Achat 0.150 beta7 on Windows. It exploits the vulnerability via a crafted UDP packet to achieve remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Achat 0.150 beta7
No auth needed
Prerequisites: Metasploit Framework · msfvenom in PATH · Network access to target UDP port
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC
by yaldobaoth · poc
https://github.com/yaldobaoth/CVE-2015-1578-PoC

This is a functional proof-of-concept exploit for CVE-2015-1578, targeting a buffer overflow in Achat 0.150 beta7 on Windows. It dynamically generates a Unicode-encoded reverse shell payload using msfvenom and delivers it via UDP to achieve remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Achat 0.150 beta7
No auth needed
Prerequisites: Python 3 · msfvenom · rlwrap · network access to target UDP port
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC
by Zeppperoni · poc
https://github.com/Zeppperoni/CVE-2015-1578

This repository contains a Python3 rewrite of a remote buffer overflow exploit for Achat 0.150 beta7, designed to deliver a reverse shell via a crafted payload generated using msfvenom. The exploit targets a vulnerability in the Achat software, leveraging a buffer overflow to achieve remote code execution.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Achat 0.150 beta7
No auth needed
Prerequisites: Target running Achat 0.150 beta7 on Windows 7 32-bit · Network access to the target · msfvenom to generate the payload
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

EPSS 0.0624
EPSS Percentile 92.6%

Details

Status published
Products (1)
yuba/u5cms < 3.9.3
Published Feb 11, 2015
Tracked Since Feb 18, 2026