EIP-2026-104828

PRE-CVE

2Moons 1.4 - Multiple Remote File Inclusions

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104828. PoCs published by indoushka.

AI-analyzed exploit summary The provided text describes multiple remote file-include vulnerabilities in 2Moons 1.4 due to insufficient input sanitization. It lists various endpoints where an attacker can inject malicious input to potentially execute arbitrary code or disclose sensitive information.

Description

2Moons 1.4 - Multiple Remote File Inclusions

Exploits (1)

exploitdb WRITEUP VERIFIED

by indoushka · textwebappsphp

https://www.exploit-db.com/exploits/36223

View Code ZIP pw:eip

The provided text describes multiple remote file-include vulnerabilities in 2Moons 1.4 due to insufficient input sanitization. It lists various endpoints where an attacker can inject malicious input to potentially execute arbitrary code or disclose sensitive information.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Theoretical

Target: 2Moons 1.4

No auth needed

Prerequisites: Network access to the target application · Vulnerable version of 2Moons installed

MITRE ATT&CK

T1189 - Drive-by Compromise T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026