EIP-2026-105283

PRE-CVE

Atomy Maxsite - 'index.php' Arbitrary File Upload

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-105283. PoCs published by Iranian_Dark_Coders_Team.

AI-analyzed exploit summary The provided text describes a file upload vulnerability in Atomy Maxsite versions 1.50 through 2.5, allowing arbitrary code execution due to insufficient input sanitization. The exploit path is provided, but no actual exploit code is included.

Description

Atomy Maxsite - 'index.php' Arbitrary File Upload

Exploits (1)

exploitdb WRITEUP VERIFIED

by Iranian_Dark_Coders_Team · textwebappsphp

https://www.exploit-db.com/exploits/38607

View Code ZIP pw:eip

The provided text describes a file upload vulnerability in Atomy Maxsite versions 1.50 through 2.5, allowing arbitrary code execution due to insufficient input sanitization. The exploit path is provided, but no actual exploit code is included.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Theoretical

Target: Atomy Maxsite 1.50-2.5

No auth needed

Prerequisites: Access to the vulnerable endpoint

MITRE ATT&CK

T1105 - Ingress Tool Transfer T1210 - Exploitation of Remote Services

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026