This exploit demonstrates an arbitrary file download vulnerability in Navigate CMS 2.8.5 by manipulating the 'id' parameter in navigate_download.php to traverse directories and download sensitive files like globals.php or win.ini.
Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:Navigate CMS 2.8.5
Auth required
Prerequisites:User+ profile access · Valid session cookies