EIP-2026-104700

PRE-CVE

PHP 5.0.5 - Safedir Restriction Bypass

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104700. PoCs published by anonymous.

AI-analyzed exploit summary This exploit demonstrates two separate vulnerabilities in PHP: a directory traversal via CURL with the 'file://' scheme and an arbitrary file write via the imagegif function. Both can be used to bypass 'safe_dir' restrictions and achieve remote code execution or information disclosure.

Description

PHP 5.0.5 - Safedir Restriction Bypass

Exploits (1)

exploitdb WORKING POC VERIFIED

by anonymous · phplocalphp

https://www.exploit-db.com/exploits/26352

View Code ZIP pw:eip

This exploit demonstrates two separate vulnerabilities in PHP: a directory traversal via CURL with the 'file://' scheme and an arbitrary file write via the imagegif function. Both can be used to bypass 'safe_dir' restrictions and achieve remote code execution or information disclosure.

Classification

Working Poc 90%

Attack Type

Rce | Info Leak

Complexity

Trivial

Reliability

Reliable

Target: PHP (versions affected by CVE-2026-104694)

No auth needed

Prerequisites: PHP installation with vulnerable configuration · Ability to upload or control a PHP script on the target system

MITRE ATT&CK

T1204 - User Execution T1005 - Data from Local System

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026