EIP-2026-104290

PRE-CVE

JDownloader Webinterface - Source Code Disclosure

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104290. PoCs published by Sil3nt_Dre4m.

AI-analyzed exploit summary The exploit demonstrates a source code disclosure vulnerability in JDownloader's WebInterface by accessing specific URLs that bypass input sanitization, allowing attackers to retrieve the source code of template files. The exploit works on both Linux and Windows systems by appending specific characters to the URL path.

Description

JDownloader Webinterface - Source Code Disclosure

Exploits (1)

exploitdb WORKING POC

by Sil3nt_Dre4m · textwebappsmultiple

https://www.exploit-db.com/exploits/15611

View Code ZIP pw:eip

The exploit demonstrates a source code disclosure vulnerability in JDownloader's WebInterface by accessing specific URLs that bypass input sanitization, allowing attackers to retrieve the source code of template files. The exploit works on both Linux and Windows systems by appending specific characters to the URL path.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: JDownloader WebInterface 0.9.850

No auth needed

Prerequisites: Network access to the JDownloader WebInterface

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026