Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-102215. PoCs published by Vulnerability-Lab.
AI-analyzed exploit summary This is a detailed vulnerability writeup describing a directory traversal vulnerability in Album Streamer v2.0 iOS. The vulnerability allows remote attackers to access arbitrary files on the device via the `id` parameter in the `photoDownload` module.
Description
Album Streamer 2.0 iOS - Directory Traversal
Exploits (1)
exploitdb
WRITEUP
by Vulnerability-Lab · textwebappsios
https://www.exploit-db.com/exploits/36943
This is a detailed vulnerability writeup describing a directory traversal vulnerability in Album Streamer v2.0 iOS. The vulnerability allows remote attackers to access arbitrary files on the device via the `id` parameter in the `photoDownload` module.
Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:
Album Streamer v2.0 iOS
No auth needed
Prerequisites:
Network access to the vulnerable iOS device
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026