EIP-2026-102275

PRE-CVE

Photo Transfer Upload 1.0 iOS - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102275. PoCs published by Vulnerability-Lab.

AI-analyzed exploit summary The document describes multiple vulnerabilities in Photo Transfer Upload v1.0 iOS app, including local file inclusion, arbitrary file upload, and persistent XSS. It provides technical details and proof-of-concept examples for each vulnerability.

Description

Photo Transfer Upload 1.0 iOS - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP

by Vulnerability-Lab · textwebappsios

https://www.exploit-db.com/exploits/27656

View Code ZIP pw:eip

The document describes multiple vulnerabilities in Photo Transfer Upload v1.0 iOS app, including local file inclusion, arbitrary file upload, and persistent XSS. It provides technical details and proof-of-concept examples for each vulnerability.

Classification

Writeup 90%

Attack Type

Other

Complexity

Moderate

Reliability

Theoretical

Target: Photo Transfer Upload v1.0 (iOS)

No auth needed

Prerequisites: Network access to the vulnerable application · Ability to send crafted HTTP requests

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026