EIP-2026-105323

PRE-CVE

autositephp 2.0.3 - Local File Inclusion / Cross-Site Request Forgery / Edit File

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-105323. PoCs published by SirGod.

AI-analyzed exploit summary This exploit demonstrates multiple vulnerabilities in AutositePHP v2.0.3, including Local File Inclusion (LFI), Cross-Site Request Forgery (CSRF), and arbitrary file editing. The PoC provides clear examples of how to exploit these vulnerabilities to read local files and perform unauthorized actions.

Description

autositephp 2.0.3 - Local File Inclusion / Cross-Site Request Forgery / Edit File

Exploits (1)

exploitdb WORKING POC VERIFIED

by SirGod · textwebappsphp

https://www.exploit-db.com/exploits/7448

View Code ZIP pw:eip

This exploit demonstrates multiple vulnerabilities in AutositePHP v2.0.3, including Local File Inclusion (LFI), Cross-Site Request Forgery (CSRF), and arbitrary file editing. The PoC provides clear examples of how to exploit these vulnerabilities to read local files and perform unauthorized actions.

Classification

Working Poc 90%

Attack Type

Lfi | Csrf | Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: AutositePHP v2.0.3

Auth required

Prerequisites: Access to the target application · Administrative privileges for file editing

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026