CVE-2018-8056

HIGH

Western Bridge Cobub Razor <0.8.0 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-8056. PoCs published by Kyhvedn.

AI-analyzed exploit summary This exploit demonstrates a physical path leakage vulnerability in Cobub Razor 0.8.0 by accessing specific endpoints that expose sensitive information. The PoC includes URLs and HTTP methods to trigger the vulnerability, primarily targeting misconfigured or exposed test and controller files.

Description

Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via an invalid channel_name parameter to /index.php?/manage/channel/addchannel or a direct request to /export.php.

Exploits (1)

exploitdb WORKING POC
by Kyhvedn · textwebappsphp
https://www.exploit-db.com/exploits/44495

This exploit demonstrates a physical path leakage vulnerability in Cobub Razor 0.8.0 by accessing specific endpoints that expose sensitive information. The PoC includes URLs and HTTP methods to trigger the vulnerability, primarily targeting misconfigured or exposed test and controller files.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Cobub Razor 0.8.0
No auth needed
Prerequisites: Access to the target web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/cobub/razor/issues/162
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/44495/

Scores

CVSS v3 7.5
EPSS 0.1342
EPSS Percentile 96.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (1)
cobub/razor 0.8.0
Published Mar 11, 2018
Tracked Since Feb 18, 2026