This is a detailed vulnerability writeup describing an authentication bypass in Kirby CMS <= 2.1.0 via path traversal. The exploit allows an attacker in a shared hosting environment to bypass authentication by writing a malicious credentials file in a public directory and using path traversal sequences in the username field.
Classification
Writeup 100%
Target:
Kirby CMS <= 2.1.0
No auth needed
Prerequisites:
Shared hosting environment · Ability to write files to a public directory accessible by the victim site