EIP-2026-100568

PRE-CVE

SOOP Portal 2.0 - Arbitrary File Upload

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100568. PoCs published by Net.Edit0r.

AI-analyzed exploit summary This is a writeup describing a remote file upload vulnerability in SOOP Portal 2.0, allowing attackers to upload malicious ASP files disguised as images. The exploit involves registering on the site, navigating to the avatar upload section, and bypassing file extension restrictions.

Description

SOOP Portal 2.0 - Arbitrary File Upload

Exploits (1)

exploitdb WRITEUP

by Net.Edit0r · textwebappsasp

https://www.exploit-db.com/exploits/15690

View Code ZIP pw:eip

This is a writeup describing a remote file upload vulnerability in SOOP Portal 2.0, allowing attackers to upload malicious ASP files disguised as images. The exploit involves registering on the site, navigating to the avatar upload section, and bypassing file extension restrictions.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: SOOP Portal 2.0

Auth required

Prerequisites: valid user account on the target system · access to the avatar upload functionality

MITRE ATT&CK

T1105 - Ingress Tool Transfer T1505.003 - Web Shell

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026