CVE-2018-25164

HIGH

EverSync 0.5 - Unauthenticated Arbitrary File Download via Files Directory

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-25164. PoCs published by Ihsan Sencan.

AI-analyzed exploit summary: This exploit demonstrates an arbitrary file download vulnerability in EverSync 0.5 by directly accessing the database file (db.sq3) via an HTTP GET request. The PoC includes a raw HTTP request and response, confirming the vulnerability allows unauthorized access to sensitive files.

Description

EverSync 0.5 contains an arbitrary file download vulnerability that allows unauthenticated attackers to access sensitive files by requesting them directly from the files directory. Attackers can send GET requests to the files directory to download database files like db.sq3 containing application data and credentials.

Exploits (1)

exploitdb WORKING POC
by Ihsan Sencan · text · webapps · php
https://www.exploit-db.com/exploits/45868

Classification: Working PoC 90%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: EverSync 0.5
No auth needed
Prerequisites: Network access to the target server · Knowledge of the application path
devstral-2 · analyzed Mar 06, 2026

References (2)

Core 2
Core References
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/45868

Scores

CVSS v3 7.5
EPSS 0.0027
EPSS Percentile 17.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE CWE-552
Status published
Published Mar 06, 2026
Tracked Since Mar 06, 2026