CVE-2018-1263

MEDIUM LAB

Spring Integration Zip < 1.0.2 - Arbitrary File Write via Path Traversal in Archive Extraction

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-1263. PoCs published by sakib570.

AI-analyzed exploit summary This repository provides a detailed exploit demonstration for CVE-2018-1263, a vulnerability in phpMyAdmin 4.8.x before 4.8.2. The exploit leverages a path validation bypass to achieve remote code execution (RCE) and local file inclusion (LFI) via a crafted `target` parameter.

Description

Addresses partial fix in CVE-2018-1261. Pivotal spring-integration-zip, versions prior to 1.0.2, exposes an arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar, xz, war, cpio, 7z), that holds path traversal filenames. So when the filename gets concatenated to the target extraction directory, the final path ends up outside of the target folder.

Exploits (1)

nomisec WORKING POC 1 stars

by sakib570 · poc

https://github.com/sakib570/CVE-2018-1263-Demo

View Code ZIP pw:eip

This repository provides a detailed exploit demonstration for CVE-2018-1263, a vulnerability in phpMyAdmin 4.8.x before 4.8.2. The exploit leverages a path validation bypass to achieve remote code execution (RCE) and local file inclusion (LFI) via a crafted `target` parameter.

Classification

Working Poc 95%

Attack Type

Rce | Lfi

Complexity

Moderate

Reliability

Reliable

Target: phpMyAdmin 4.8.x before 4.8.2

Auth required

Prerequisites: Access to phpMyAdmin with authentication (or bypass via specific configurations) · Ability to craft HTTP requests with malicious `target` parameter

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/104179

Vendor Advisory x_refsource_confirm

https://pivotal.io/security/cve-2018-1263

Scores

CVSS v3 4.7

EPSS 0.0073

EPSS Percentile 73.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

Lab Environment

COMMUNITY

Community Lab

docker pull vulhub/phpmyadmin:4.8.1

docker pull mysql:latest

https://github.com/sakib570/CVE-2018-1263-Demo

View in Library

Details

CWE

CWE-22

Status published

Products (2)

org.springframework.integration/spring-integration-zip 0 - 1.0.2Maven

vmware/spring_integration_zip < 1.0.2

Published May 15, 2018

Tracked Since Feb 18, 2026