EIP-2026-104879

PRE-CVE

aa33code 0.0.1 - Local File Inclusion / Authentication Bypass / File Disclosure

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104879. PoCs published by SirGod.

AI-analyzed exploit summary This exploit demonstrates multiple vulnerabilities in aa33code 0.0.1, including Local File Inclusion (LFI), authentication bypass, and database configuration disclosure. The PoC provides direct URLs to exploit these vulnerabilities without requiring authentication.

Description

aa33code 0.0.1 - Local File Inclusion / Authentication Bypass / File Disclosure

Exploits (1)

exploitdb WORKING POC VERIFIED

by SirGod · textwebappsphp

https://www.exploit-db.com/exploits/9326

View Code ZIP pw:eip

This exploit demonstrates multiple vulnerabilities in aa33code 0.0.1, including Local File Inclusion (LFI), authentication bypass, and database configuration disclosure. The PoC provides direct URLs to exploit these vulnerabilities without requiring authentication.

Classification

Working Poc 90%

Attack Type

Info Leak | Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: aa33code 0.0.1

No auth needed

Prerequisites: Network access to the target application

MITRE ATT&CK

T1005 - Data from Local System T1552 - Unsecured Credentials

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026