Directory Traversal Vulnerability in ProActive CMS by ProActive
CVE-2008-4187

Currently unrated

Key Information:

Vendor: Proactive Cms
Status: Proactive Cms
Vendor: CVE Published:; 23 September 2008

🔔 Create Proactive Cms Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2008-4187?

A directory traversal vulnerability exists in the index.php file of ProActive CMS, which enables remote attackers to exploit the system. By manipulating the template parameter with sequences like '..', they can gain unauthorized access to arbitrary files on the server. This weakness emphasizes the importance of implementing secure coding practices to prevent unauthorized file access and protect sensitive data.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2008-4187 - Proof of Concept

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/45235

vdb-entryx_refsource_XF

https://www.exploit-db.com/exploits/6489

exploitx_refsource_EXPLOIT-DB

http://securityreason.com/securityalert/4315

third-party-advisoryx_refsource_SREASON

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Sep 23, 2008
👾
Exploit known to exist
Sep 23, 2008
Vulnerability published
Sep 23, 2008
Vulnerability Reserved
Sep 23, 2008

CVE-2008-4187 Data

JSON