Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-104736. PoCs published by Timo Schmid.
AI-analyzed exploit summary This advisory details a PHP code execution vulnerability in the jui_filter_rules library, where attacker-controlled input in the 'filter_value_conversion_server_side' parameter allows arbitrary PHP function execution via 'call_user_func_array'. The PoC demonstrates RCE by executing 'shell_exec' to read '/etc/passwd'.
Description
jQuery - jui_filter_rules PHP Code Execution
Exploits (1)
This advisory details a PHP code execution vulnerability in the jui_filter_rules library, where attacker-controlled input in the 'filter_value_conversion_server_side' parameter allows arbitrary PHP function execution via 'call_user_func_array'. The PoC demonstrates RCE by executing 'shell_exec' to read '/etc/passwd'.