EIP-2026-100936

PRE-CVE

Wordit Logbook 098b3 - Logbook.pl Remote Command Execution

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100936. PoCs published by Aleksey Sintsov.

AI-analyzed exploit summary This exploit demonstrates a directory traversal vulnerability in Wordit Logbook's 'logbook.pl' script, allowing remote command execution via path manipulation. The PoC shows how an attacker can read arbitrary files by injecting commands through the 'file' parameter.

Description

Wordit Logbook 098b3 - Logbook.pl Remote Command Execution

Exploits (1)

exploitdb WORKING POC VERIFIED

by Aleksey Sintsov · textwebappscgi

https://www.exploit-db.com/exploits/22337

View Code ZIP pw:eip

This exploit demonstrates a directory traversal vulnerability in Wordit Logbook's 'logbook.pl' script, allowing remote command execution via path manipulation. The PoC shows how an attacker can read arbitrary files by injecting commands through the 'file' parameter.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Wordit Logbook version 098b3 and prior

No auth needed

Prerequisites: Network access to the target application · Wordit Logbook installed with vulnerable version

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1005 - Data from Local System

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026