# Prerequisites
- Docker
- Docker Compose
- `wget` and a standard command-line interface (bash, zsh, etc.)
# 1. Environment Setup & Deployment
These steps will download the vulnerable version of Vvveb CMS and configure a Docker environment to run it.
## Step 1.1: Download Vvveb CMS
```
# Create and navigate to the project directory
mkdir Vvveb-RCE-PoC
cd Vvveb-RCE-PoC
# Download the vulnerable version of Vvveb CMS
wget https://github.com/givanz/Vvveb/releases/download/1.0.5/latest.zip
# Unzip the application files (you will need 'unzip' installed)
# On Debian/Ubuntu: sudo apt-get install unzip
unzip latest.zip
```
## Step 1.2: Configure the Docker Environment
The default Docker setup requires a few modifications to work correctly and build efficiently.
### A. Create a .dockerignore file
This file prevents unnecessary files from being copied into the Docker image, speeding up the build process.
```
cat > .dockerignore << EOL
# Ignore version control files
.git/
.gitignore
# Ignore the large zip file
latest.zip
# Ignore Docker specific files
docker-compose.yaml
Dockerfile
# Ignore local environment and editor files
.env
.vscode/
EOL
```
### B. Modify the Dockerfile
We need to add the `libicu-dev` package, which is a dependency for the `intl` PHP extension required by the application.
Find the `RUN apt-get install -y` block in the Dockerfile and add `libicu-dev \` to the list.
Your modified `Dockerfile` should look like this:
```
FROM php:8.3-fpm
RUN apt-get clean && apt-get update
RUN apt-get install -y \
    libicu-dev \
    libfreetype6-dev \
    libjpeg62-turbo-dev \
    libxml2-dev \
    libwebp-dev \
    libpng-dev \
    libzip-dev \
    libonig-dev \
    libcurl4-openssl-dev \
    && docker-php-ext-configure gd --with-webp --with-jpeg \
    && docker-php-ext-install -j$(nproc) gd \
    && docker-php-ext-install xml dom curl mbstring intl gettext \
    && docker-php-ext-install zip \
    && pecl bundle -d /usr/src/php/ext apcu \
    && docker-php-ext-install /usr/src/php/ext/apcu \
    # && docker-php-ext-install sqlite3 \
    && docker-php-ext-install mysqli
COPY php.ini ${PHP_INI_DIR}
```
### C. Fix Nginx Configuration (502 Bad Gateway)
The default Nginx configuration may not correctly route PHP requests to the PHP-FPM container. We need to ensure the `fastcgi_pass` directive points to the correct service name (`php:9000`).
1. Open the Nginx configuration file: `nano nginx-docker.conf`
2. Locate the `location ~ \.php$` block.
3. Ensure the `fastcgi_pass` line is set to `php:9000;`.

The corrected block should look like this:
```
# ... other nginx config ...
location ~ \.php$ {
    try_files $uri =404;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    # THIS IS THE CRITICAL LINE
    fastcgi_pass php:9000;
    fastcgi_index index.php;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param PATH_INFO $fastcgi_path_info;
}
# ... other nginx config ...
```
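To confirm the three edits from Step 1.2 before building, the following preflight script can be used. It is an added example, not part of the original README or the Vvveb project; the function names are hypothetical, and it assumes `.dockerignore`, `Dockerfile` and `nginx-docker.conf` all sit in the project directory.

```bash
#!/usr/bin/env bash
# Added example: preflight checks for the edits made in Step 1.2.
# Function names are hypothetical; file names are the ones used in the steps above.

# Print a file without its comment lines.
active_lines() { grep -v '^[[:space:]]*#' "$1"; }

# Print the fastcgi_pass target inside the `location ~ \.php$` block.
# Prints nothing when the block or the directive is missing or commented out.
php_fastcgi_target() {
  active_lines "$1" 2>/dev/null | awk '
    $1 == "location" && $2 == "~" && $3 == "\\.php$" { inblock = 1; next }
    inblock && $1 == "fastcgi_pass" { sub(/;.*/, "", $2); print $2; exit }
    inblock && index($0, "}")       { inblock = 0 }
  '
}

# Succeed when libicu-dev is installed, or when the intl extension is not built.
dockerfile_has_intl_dep() {
  if active_lines "$1" | grep -Eq 'docker-php-ext-install.*[[:space:]]intl([[:space:]]|\\|$)'; then
    active_lines "$1" | grep -qw 'libicu-dev'
  fi
}

# Run all three checks against a project directory (default: current directory).
preflight() {
  local dir=${1:-.} rc=0 target
  grep -qx 'latest\.zip' "$dir/.dockerignore" 2>/dev/null \
    || { echo "FAIL: .dockerignore does not exclude latest.zip"; rc=1; }
  { [ -f "$dir/Dockerfile" ] && dockerfile_has_intl_dep "$dir/Dockerfile"; } \
    || { echo "FAIL: Dockerfile is missing or builds intl without libicu-dev"; rc=1; }
  target=$(php_fastcgi_target "$dir/nginx-docker.conf")
  [ "$target" = "php:9000" ] \
    || { echo "FAIL: fastcgi_pass is '${target:-unset}', expected php:9000"; rc=1; }
  [ "$rc" -eq 0 ] && echo "OK: Step 1.2 edits are in place"
  return "$rc"
}

# When run as a script with a directory argument, check that directory.
if [ "$#" -gt 0 ]; then preflight "$1"; fi
```

A commented-out `fastcgi_pass` line is ignored, so only the directive Nginx will actually use is reported.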
## Step 1.3: Launch the Application
Now, build and run the Docker containers.
```
# Build the images and start the containers in detached mode
sudo docker-compose up -d --build
```
Access the application in your browser, typically at `http://localhost:8080`. Follow the on-screen installation steps. The default database host should be `mysql`. Use `root` for the user and the password you set in `docker-compose.yaml`.