EIP-2026-102280

PRE-CVE

Photos in Wifi 1.0.1 - Path Traversal

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102280. PoCs published by Vulnerability-Lab.

AI-analyzed exploit summary This advisory details a path traversal vulnerability in Photos in Wifi 1.0.1 iOS app, allowing remote attackers to access unauthorized directories via manipulated filename values in POST requests. The vulnerability is located in the upload module and processed by the asset.php file.

Description

Photos in Wifi 1.0.1 - Path Traversal

Exploits (1)

exploitdb WRITEUP

by Vulnerability-Lab · textwebappsios

https://www.exploit-db.com/exploits/43457

View Code ZIP pw:eip

This advisory details a path traversal vulnerability in Photos in Wifi 1.0.1 iOS app, allowing remote attackers to access unauthorized directories via manipulated filename values in POST requests. The vulnerability is located in the upload module and processed by the asset.php file.

Classification

Writeup 90%

Attack Type

Other

Complexity

Moderate

Reliability

Reliable

Target: Photos in Wifi iOS app 1.0.1

No auth needed

Prerequisites: Network access to the vulnerable app's web interface

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026