EIP-2026-104803

PRE-CVE

1024 CMS 1.1.0 Beta - Multiple Input Validation Vulnerabilities

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104803. PoCs published by QSecure & Demetris Papapetrou.

AI-analyzed exploit summary This exploit demonstrates multiple vulnerabilities in 1024cms, including local file inclusion (LFI), directory traversal, and cross-site scripting (XSS). The PoC provides URLs that can be used to exploit these vulnerabilities to read arbitrary files or execute arbitrary JavaScript in the context of the affected site.

Description

1024 CMS 1.1.0 Beta - Multiple Input Validation Vulnerabilities

Exploits (1)

exploitdb WORKING POC VERIFIED
by QSecure & Demetris Papapetrou · textwebappsphp
https://www.exploit-db.com/exploits/35598

This exploit demonstrates multiple vulnerabilities in 1024cms, including local file inclusion (LFI), directory traversal, and cross-site scripting (XSS). The PoC provides URLs that can be used to exploit these vulnerabilities to read arbitrary files or execute arbitrary JavaScript in the context of the affected site.

Classification
Working Poc 90%
Attack Type
Info Leak | Xss
Complexity
Trivial
Reliability
Reliable
Target: 1024cms 1.1.0 beta
No auth needed
Prerequisites: Access to the target web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026