EIP-2026-104702

PRE-CVE

PHP 5.2.9 cURL - 'Safe_mode' / 'open_basedir' Restriction Bypass

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104702. PoCs published by Maksymilian Arciemowicz.

AI-analyzed exploit summary This PHP script generates a file (cx529.php) that exploits a safe_mode and open_basedir bypass vulnerability in PHP 5.2.9. The exploit uses base64-encoded PHP code to create a script that can read files outside restricted directories, bypassing intended security restrictions.

Description

PHP 5.2.9 cURL - 'Safe_mode' / 'open_basedir' Restriction Bypass

Exploits (1)

exploitdb WORKING POC VERIFIED

by Maksymilian Arciemowicz · phplocalphp

https://www.exploit-db.com/exploits/32901

View Code ZIP pw:eip

This PHP script generates a file (cx529.php) that exploits a safe_mode and open_basedir bypass vulnerability in PHP 5.2.9. The exploit uses base64-encoded PHP code to create a script that can read files outside restricted directories, bypassing intended security restrictions.

Classification

Working Poc 95%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: PHP 5.2.9

No auth needed

Prerequisites: PHP 5.2.9 with safe_mode and open_basedir restrictions enabled · Ability to execute arbitrary PHP scripts on the target system

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026