EIP-2026-100370

PRE-CVE

ifnuke - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100370. PoCs published by Abysssec.

AI-analyzed exploit summary This advisory details multiple vulnerabilities in IfNuke 4.0.0, including arbitrary file upload and persistent XSS. It provides technical descriptions and code snippets but lacks executable exploit code.

Description

ifnuke - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP VERIFIED

by Abysssec · textwebappsasp

https://www.exploit-db.com/exploits/14898

View Code ZIP pw:eip

This advisory details multiple vulnerabilities in IfNuke 4.0.0, including arbitrary file upload and persistent XSS. It provides technical descriptions and code snippets but lacks executable exploit code.

Classification

Writeup 90%

Attack Type

Xss | Other

Complexity

Moderate

Reliability

Theoretical

Target: IfNuke 4.0.0

Auth required

Prerequisites: Access to vulnerable endpoints · Valid session/credentials for authenticated modules

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059.007 - JavaScript

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026