CVE-2018-18760

MEDIUM

RhinOS 3.0 build 1190 - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-18760. PoCs published by Ihsan Sencan.

AI-analyzed exploit summary This exploit demonstrates an arbitrary file download vulnerability in RhinOS CMS 3.x due to improper path traversal validation in the download.php script. The PoC shows how an attacker can download sensitive files like config.php by manipulating the 'file' parameter.

Description

RhinOS 3.0 build 1190 allows CSRF.

Exploits (1)

exploitdb WORKING POC
by Ihsan Sencan · textwebappsphp
https://www.exploit-db.com/exploits/45729

This exploit demonstrates an arbitrary file download vulnerability in RhinOS CMS 3.x due to improper path traversal validation in the download.php script. The PoC shows how an attacker can download sensitive files like config.php by manipulating the 'file' parameter.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: RhinOS CMS 3.x
Auth required
Prerequisites: Valid session cookie (PHPSESSID) · Access to the admin panel
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/45729/
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/150018/RhinOS-CMS-3.x-Arbitrary-File-Download.html

Scores

CVSS v3 6.5
EPSS 0.0263
EPSS Percentile 83.5%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Details

CWE
CWE-352
Status published
Products (1)
saltos/rhinos 3.0
Published Nov 16, 2018
Tracked Since Feb 18, 2026