EIP-2026-103319

PRE-CVE

SAP B2B / B2C CRM 2.x < 4.x - Local File Inclusion

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103319. PoCs published by Richard Alviarez.

AI-analyzed exploit summary This is a writeup describing a Local File Inclusion (LFI) vulnerability in SAP B2B/B2C CRM versions 2.x to 4.x. It provides URLs and parameters to exploit the vulnerability but does not include executable code.

Description

SAP B2B / B2C CRM 2.x < 4.x - Local File Inclusion

Exploits (1)

exploitdb WRITEUP
by Richard Alviarez · textwebappslinux
https://www.exploit-db.com/exploits/44655

This is a writeup describing a Local File Inclusion (LFI) vulnerability in SAP B2B/B2C CRM versions 2.x to 4.x. It provides URLs and parameters to exploit the vulnerability but does not include executable code.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: SAP B2B/B2C CRM 2.x to 4.x
No auth needed
Prerequisites: Access to the SAP server URL
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026