CVE-2026-39292

HIGH

Falco Solutions PHPPageBuilder 0.31.0 - Unauthenticated Remote Code Execution via Unrestricted File Upload

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-39292. PoCs published by krishnadevpmelevila.

AI-analyzed exploit summary The repository contains only a README with minimal details about CVE-2026-39292, lacking exploit code or technical analysis. It appears to be a placeholder or lure.

Description

Falco Solutions PHPPageBuilder v0.31.0 contains an unrestricted file upload vulnerability in the pagemanager/pagebuilder module that allows remote attackers to upload arbitrary files and achieve remote code execution. The vulnerability exists due to insufficient validation of uploaded file types and executable content.

Exploits (1)

github SUSPICIOUS

by krishnadevpmelevila · poc

https://github.com/krishnadevpmelevila/CVE-2026-39292

View Code ZIP pw:eip

The repository contains only a README with minimal details about CVE-2026-39292, lacking exploit code or technical analysis. It appears to be a placeholder or lure.

Classification

Suspicious 90%

Attack Type

Rce

Complexity

Theoretical

Reliability

Theoretical

Target: Falco Solutions PHPPageBuilder v0.31.0

No auth needed

Prerequisites: none specified

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed May 29, 2026 Full analysis →

References (2)

Core 2

Core References

https://github.com/HansSchouten/PHPageBuilder

View Writeup ZIP pw:eip

https://github.com/krishnadevpmelevila/CVE-2026-39292/tree/main

View Exploit ZIP pw:eip

Scores

CVSS v3 7.3

EPSS 0.0030

EPSS Percentile 53.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Details

CWE

CWE-434

Status published

Published May 29, 2026

Tracked Since May 29, 2026