EIP-2026-102228

PRE-CVE

ePhoto Transfer 1.2.1 iOS - Multiple Vulnerabilities

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102228. PoCs published by Vulnerability-Lab.

AI-analyzed exploit summary This is a vulnerability writeup detailing multiple issues in ePhoto Transfer v1.2.1 iOS app, including local command/path injection, remote DoS, and client-side XSS. No functional exploit code is provided, only PoC descriptions.

Description

ePhoto Transfer 1.2.1 iOS - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP
by Vulnerability-Lab · textwebappsios
https://www.exploit-db.com/exploits/26954

This is a vulnerability writeup detailing multiple issues in ePhoto Transfer v1.2.1 iOS app, including local command/path injection, remote DoS, and client-side XSS. No functional exploit code is provided, only PoC descriptions.

Classification
Writeup 90%
Attack Type
Xss | Dos | Other
Complexity
Moderate
Reliability
Theoretical
Target: ePhoto Transfer v1.2.1 iOS
No auth needed
Prerequisites: Physical device access for command injection · Network access to the app's web interface for DoS/XSS
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026