EIP-2026-100550

This exploit leverages a file upload vulnerability in Sitefinity CMS (ASP.NET) versions 3.x to 4.0, allowing an attacker to upload a malicious ASP file disguised as an image (e.g., shell.asp;.jpg) via the ImageEditorDialog.aspx endpoint, leading to remote code execution.